diff --git a/native/components/access-token-handler.react.js b/native/components/access-token-handler.react.js
--- a/native/components/access-token-handler.react.js
+++ b/native/components/access-token-handler.react.js
@@ -18,7 +18,7 @@
         await commCoreModule.getCommServicesAuthMetadata();
       dispatch({
         type: setAccessTokenActionType,
-        payload: accessToken ?? null,
+        payload: accessToken && accessToken !== '' ? accessToken : null,
       });
     })();
   }, [dispatch]);
@@ -27,10 +27,10 @@
     const metadataEmitter = getCommServicesAuthMetadataEmitter();
     const subscription = metadataEmitter.addListener(
       'commServicesAuthMetadata',
-      (authMetadata: UserAuthMetadata) => {
+      ({ accessToken }: UserAuthMetadata) => {
         dispatch({
           type: setAccessTokenActionType,
-          payload: authMetadata.accessToken,
+          payload: accessToken && accessToken !== '' ? accessToken : null,
         });
       },
     );
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.h
@@ -163,7 +163,13 @@
       jsi::String userID,
       jsi::String deviceID,
       jsi::String accessToken) override;
+  virtual jsi::Value setCommServicesAuthMetadata(
+      jsi::Runtime &rt,
+      std::string userID,
+      std::string deviceID,
+      std::string accessToken);
   virtual jsi::Value getCommServicesAuthMetadata(jsi::Runtime &rt) override;
+  virtual jsi::Value clearCommServicesAuthMetadata(jsi::Runtime &rt) override;
   virtual jsi::Value setCommServicesAccessToken(
       jsi::Runtime &rt,
       jsi::String accessToken) override;
diff --git a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
--- a/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
+++ b/native/cpp/CommonCpp/NativeModules/CommCoreModule.cpp
@@ -1583,31 +1583,39 @@
   auto userIDStr{userID.utf8(rt)};
   auto deviceIDStr{deviceID.utf8(rt)};
   auto accessTokenStr{accessToken.utf8(rt)};
+  return this->setCommServicesAuthMetadata(
+      rt, userIDStr, deviceIDStr, accessTokenStr);
+}
+
+jsi::Value CommCoreModule::setCommServicesAuthMetadata(
+    jsi::Runtime &rt,
+    std::string userID,
+    std::string deviceID,
+    std::string accessToken) {
   return createPromiseAsJSIValue(
       rt,
-      [this, userIDStr, deviceIDStr, accessTokenStr](
+      [this, userID, deviceID, accessToken](
           jsi::Runtime &innerRt, std::shared_ptr<Promise> promise) {
-        taskType job =
-            [this, promise, userIDStr, deviceIDStr, accessTokenStr]() {
-              std::string error;
-              try {
-                CommSecureStore::set(CommSecureStore::userID, userIDStr);
-                CommSecureStore::set(CommSecureStore::deviceID, deviceIDStr);
-                CommSecureStore::set(
-                    CommSecureStore::commServicesAccessToken, accessTokenStr);
-                CommServicesAuthMetadataEmitter::sendAuthMetadataToJS(
-                    accessTokenStr, userIDStr);
-              } catch (const std::exception &e) {
-                error = e.what();
-              }
-              this->jsInvoker_->invokeAsync([error, promise]() {
-                if (error.size()) {
-                  promise->reject(error);
-                } else {
-                  promise->resolve(jsi::Value::undefined());
-                }
-              });
-            };
+        taskType job = [this, promise, userID, deviceID, accessToken]() {
+          std::string error;
+          try {
+            CommSecureStore::set(CommSecureStore::userID, userID);
+            CommSecureStore::set(CommSecureStore::deviceID, deviceID);
+            CommSecureStore::set(
+                CommSecureStore::commServicesAccessToken, accessToken);
+            CommServicesAuthMetadataEmitter::sendAuthMetadataToJS(
+                accessToken, userID);
+          } catch (const std::exception &e) {
+            error = e.what();
+          }
+          this->jsInvoker_->invokeAsync([error, promise]() {
+            if (error.size()) {
+              promise->reject(error);
+            } else {
+              promise->resolve(jsi::Value::undefined());
+            }
+          });
+        };
         GlobalDBSingleton::instance.scheduleOrRunCancellable(
             job, promise, this->jsInvoker_);
       });
@@ -1673,6 +1681,10 @@
       });
 }
 
+jsi::Value CommCoreModule::clearCommServicesAuthMetadata(jsi::Runtime &rt) {
+  return this->setCommServicesAuthMetadata(rt, "", "", "");
+}
+
 jsi::Value CommCoreModule::setCommServicesAccessToken(
     jsi::Runtime &rt,
     jsi::String accessToken) {
diff --git a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
--- a/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
+++ b/native/cpp/CommonCpp/_generated/commJSI-generated.cpp
@@ -161,6 +161,9 @@
 static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getCommServicesAuthMetadata(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
   return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->getCommServicesAuthMetadata(rt);
 }
+static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_clearCommServicesAuthMetadata(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
+  return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->clearCommServicesAuthMetadata(rt);
+}
 static jsi::Value __hostFunction_CommCoreModuleSchemaCxxSpecJSI_setCommServicesAccessToken(jsi::Runtime &rt, TurboModule &turboModule, const jsi::Value* args, size_t count) {
   return static_cast<CommCoreModuleSchemaCxxSpecJSI *>(&turboModule)->setCommServicesAccessToken(rt, args[0].asString(rt));
 }
@@ -238,6 +241,7 @@
   methodMap_["generateRandomString"] = MethodMetadata {1, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_generateRandomString};
   methodMap_["setCommServicesAuthMetadata"] = MethodMetadata {3, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_setCommServicesAuthMetadata};
   methodMap_["getCommServicesAuthMetadata"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_getCommServicesAuthMetadata};
+  methodMap_["clearCommServicesAuthMetadata"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_clearCommServicesAuthMetadata};
   methodMap_["setCommServicesAccessToken"] = MethodMetadata {1, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_setCommServicesAccessToken};
   methodMap_["clearCommServicesAccessToken"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_clearCommServicesAccessToken};
   methodMap_["startBackupHandler"] = MethodMetadata {0, __hostFunction_CommCoreModuleSchemaCxxSpecJSI_startBackupHandler};
diff --git a/native/cpp/CommonCpp/_generated/commJSI.h b/native/cpp/CommonCpp/_generated/commJSI.h
--- a/native/cpp/CommonCpp/_generated/commJSI.h
+++ b/native/cpp/CommonCpp/_generated/commJSI.h
@@ -68,6 +68,7 @@
   virtual jsi::Value generateRandomString(jsi::Runtime &rt, double size) = 0;
   virtual jsi::Value setCommServicesAuthMetadata(jsi::Runtime &rt, jsi::String userID, jsi::String deviceID, jsi::String accessToken) = 0;
   virtual jsi::Value getCommServicesAuthMetadata(jsi::Runtime &rt) = 0;
+  virtual jsi::Value clearCommServicesAuthMetadata(jsi::Runtime &rt) = 0;
   virtual jsi::Value setCommServicesAccessToken(jsi::Runtime &rt, jsi::String accessToken) = 0;
   virtual jsi::Value clearCommServicesAccessToken(jsi::Runtime &rt) = 0;
   virtual void startBackupHandler(jsi::Runtime &rt) = 0;
@@ -481,6 +482,14 @@
       return bridging::callFromJs<jsi::Value>(
           rt, &T::getCommServicesAuthMetadata, jsInvoker_, instance_);
     }
+    jsi::Value clearCommServicesAuthMetadata(jsi::Runtime &rt) override {
+      static_assert(
+          bridging::getParameterCount(&T::clearCommServicesAuthMetadata) == 1,
+          "Expected clearCommServicesAuthMetadata(...) to have 1 parameters");
+
+      return bridging::callFromJs<jsi::Value>(
+          rt, &T::clearCommServicesAuthMetadata, jsInvoker_, instance_);
+    }
     jsi::Value setCommServicesAccessToken(jsi::Runtime &rt, jsi::String accessToken) override {
       static_assert(
           bridging::getParameterCount(&T::setCommServicesAccessToken) == 2,
diff --git a/native/data/sqlite-data-handler.js b/native/data/sqlite-data-handler.js
--- a/native/data/sqlite-data-handler.js
+++ b/native/data/sqlite-data-handler.js
@@ -39,6 +39,7 @@
 import { useStaffCanSee } from '../utils/staff-utils.js';
 
 async function clearSensitiveData() {
+  await commCoreModule.clearCommServicesAuthMetadata();
   await commCoreModule.clearSensitiveData();
   try {
     await filesystemMediaCache.clearCache();
diff --git a/native/identity-service/identity-service-context-provider.react.js b/native/identity-service/identity-service-context-provider.react.js
--- a/native/identity-service/identity-service-context-provider.react.js
+++ b/native/identity-service/identity-service-context-provider.react.js
@@ -69,7 +69,13 @@
   >(async () => {
     const deviceID = await getContentSigningKey();
     const userID = await userIDPromiseRef.current;
-    if (!deviceID || !userID || !accessToken) {
+    if (
+      !deviceID ||
+      deviceID === '' ||
+      !userID ||
+      userID === '' ||
+      !accessToken
+    ) {
       throw new Error('Identity service client is not initialized');
     }
     return { deviceID, userID, accessToken };
diff --git a/native/schema/CommCoreModuleSchema.js b/native/schema/CommCoreModuleSchema.js
--- a/native/schema/CommCoreModuleSchema.js
+++ b/native/schema/CommCoreModuleSchema.js
@@ -136,6 +136,7 @@
     accessToken: string,
   ) => Promise<void>;
   +getCommServicesAuthMetadata: () => Promise<CommServicesAuthMetadata>;
+  +clearCommServicesAuthMetadata: () => Promise<void>;
   +setCommServicesAccessToken: (accessToken: string) => Promise<void>;
   +clearCommServicesAccessToken: () => Promise<void>;
   +startBackupHandler: () => void;