diff --git a/Gopkg.toml b/Gopkg.toml
index 349b503370d11addf17bca0a46703d4e5aa98825..7e752095a137fa69907fe401e8baa8072079573a 100644
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -25,7 +25,7 @@
 #   unused-packages = true
 
 [[constraint]]
-  branch = "master"
+  branch = "390-device-management-ability-to-remove-device"
   name = "code.vereign.com/code/restful-api"
 
 [prune]
diff --git a/javascript/src/constants/statuses.js b/javascript/src/constants/statuses.js
new file mode 100644
index 0000000000000000000000000000000000000000..64fe340b5b9cbac714070c61ae1a3bceba23af3e
--- /dev/null
+++ b/javascript/src/constants/statuses.js
@@ -0,0 +1 @@
+export const STATUS_DEVICE_REVOKED = "Device revoked";
diff --git a/javascript/src/iframe/viamapi-iframe.js b/javascript/src/iframe/viamapi-iframe.js
index adcf52c7c27183dd35f50a4ff7edd241575a51c6..a05fdd085cebcf19c55a28ce31b5dc512f451caf 100644
--- a/javascript/src/iframe/viamapi-iframe.js
+++ b/javascript/src/iframe/viamapi-iframe.js
@@ -18,6 +18,7 @@ import {
 } from '../utilities/signingUtilities';
 import CryptoData from '../CryptoData';
 import Identity from '../Identity';
+import {STATUS_DEVICE_REVOKED} from '../constants/statuses';
 
 const penpalMethods = require('../../temp/penpal-methods').default;
 const WopiAPI = require('./wopiapi-iframe');
@@ -193,6 +194,34 @@ function createEvent(actionId, type, payloads) {
   }
 }
 
+const destroyAuthentication = () => {
+  const authenticationPublicKey = localStorage.getItem("authenticatedIdentity");
+
+  window.viamApi.setIdentity("");
+  window.viamApi.setSessionData("", "");
+
+  clearPinCodeTtl(authenticationPublicKey);
+
+  localStorage.removeItem("uuid");
+  localStorage.removeItem("token");
+  localStorage.removeItem("authenticatedIdentity");
+
+  window.currentlyAuthenticatedIdentity = null;
+  window.lastTimeGetProfile = 0;
+};
+
+const destroyIdentity = () => {
+  destroyAuthentication();
+
+  if (window.currentlyLoadedIdentity) {
+    const { publicKey } = window.currentlyLoadedIdentity.authentication;
+
+    delete window.loadedIdentities[publicKey];
+    window.currentlyLoadedIdentity = null;
+    destroyIdentityFromLocalStorage(publicKey);
+  }
+};
+
 window.loadedIdentities = {};
 window.wopiAPI = new WopiAPI();
 window.collaboraApi = new CollaboraAPI();
@@ -202,6 +231,8 @@ window.currentlyAuthenticatedIdentity = null;
 window.currentlyLoadedIdentity = null;
 window.lastTimeGetProfile = 0;
 
+let iframeParent = null;
+
 const handleIdentityLogin = (identity, uuid, token) => {
   const { loadedIdentities, viamApi } = window;
   const { publicKey } = identity.authentication;
@@ -219,10 +250,22 @@ function executeRestfulFunction(type, that, fn, ...args) {
   const { currentlyAuthenticatedIdentity, viamApi, currentlyLoadedIdentity } = window;
 
   return new Penpal.Promise(executeResult => {
-    fn.apply(that, args).then((response) => {
+    fn.apply(that, args).then(async (response) => {
       const identity = currentlyAuthenticatedIdentity || currentlyLoadedIdentity;
 
-      if (type === "private" && identity && response.data.code === "400" && response.data.status === "Bad session") {
+      const { code, status } = response.data;
+
+      // Destroy local storage in case device was revoked
+      if (type === "private" && code === "401" && status === STATUS_DEVICE_REVOKED) {
+        destroyIdentity();
+
+        const event = createEvent("", "DeviceRevoked");
+        iframeParent.onEvent(event);
+
+        return executeResult(response.data);
+      }
+
+      if (type === "private" && identity && code === "400" && status === "Bad session") {
         viamApi.identityLogin("previousaddeddevice")
           .then((response) => {
             if (response.data.code === "200") {
@@ -696,17 +739,7 @@ const connection = Penpal.connectToParent({
         window.viamApi.identityLogout
       );
 
-      window.viamApi.setIdentity("");
-      window.viamApi.setSessionData("", "");
-      clearPinCodeTtl(authenticationPublicKey);
-
-      localStorage.removeItem("uuid");
-      localStorage.removeItem("token");
-      localStorage.removeItem("authenticatedIdentity");
-      delete window.loadedIdentities[authenticationPublicKey];
-      window.currentlyLoadedIdentity = null;
-      window.currentlyAuthenticatedIdentity = null;
-      window.lastTimeGetProfile = 0;
+      destroyAuthentication();
 
       return identityLogoutResponse;
     },
@@ -1041,6 +1074,8 @@ const connection = Penpal.connectToParent({
 });
 
 connection.promise.then(parent => {
+  iframeParent = parent;
+
   if (!navigator.cookieEnabled) {
     console.warn("Cookie disabled. Can't start library.");
     return;