diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs
--- a/services/identity/src/client_service.rs
+++ b/services/identity/src/client_service.rs
@@ -20,7 +20,7 @@
 };
 use crate::ddb_utils::Identifier;
 use crate::device_list::SignedDeviceList;
-use crate::error::{DeviceListError, Error as DBError};
+use crate::error::{DeviceListError, Error as DBError, consume_error};
 use crate::grpc_services::authenticated::{DeletePasswordUserInfo, UpdatePasswordInfo};
 use crate::grpc_services::protos::unauth::{
 find_user_id_request, AddReservedUsernamesRequest, AuthResponse, Empty,
@@ -1282,10 +1282,10 @@
 .delete_otks_table_rows_for_user(&user_id)
 .await?;
 debug!(user_id, "Attempting to delete user's old devices");
-let _old_device_ids =
+let old_device_ids =
 self.client.delete_devices_data_for_user(&user_id).await?;
-// TODO: Revoke TB sessions with previous devices
+spawn_force_close_tb_session_task(old_device_ids);
 // Reset device list (perform update)
 let login_time = chrono::Utc::now();
@@ -1411,3 +1411,15 @@
 Ok(flattened_device_key_upload)
 }
+
+fn spawn_force_close_tb_session_task(device_ids: Vec) {
+tokio::spawn(async move {
+debug!(
+"Attempting to terminate Tunnelbroker sessions for devices: {:?}",
+device_ids.as_slice()
+);
+let result =
+crate::tunnelbroker::terminate_device_sessions(&device_ids).await;
+consume_error(result);
+});
+}
diff --git a/services/identity/src/tunnelbroker.rs b/services/identity/src/tunnelbroker.rs
--- a/services/identity/src/tunnelbroker.rs
+++ b/services/identity/src/tunnelbroker.rs
@@ -1,6 +1,7 @@
 use crate::config::CONFIG;
 use grpc_clients::tunnelbroker::create_tunnelbroker_client as shared_tb_client;
 use grpc_clients::tunnelbroker::protos;
+use grpc_clients::tunnelbroker::protos::DeviceConnectionCloseRequest;
 use protos::tunnelbroker_service_client::TunnelbrokerServiceClient;
 use protos::{DeleteDeviceDataRequest, Empty, MessageToDevice};
 use tonic::transport::Channel;
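Review bot: `spawn_force_close_tb_session_task` is fire-and-forget — the `JoinHandle` from `tokio::spawn` is dropped and `consume_error(result)` reduces any failure of `terminate_device_sessions` to a log line, so the caller in the 1282 hunk (whose enclosing function starts outside that hunk) proceeds with the device-list reset without knowing whether the old devices' Tunnelbroker sessions were actually closed; a device whose data is already deleted presumably stays connected until it drops the connection itself. That is a reasonable best-effort design, but nothing in the new function says so, and a detached task also dies silently if the runtime shuts down before it runs. Suggest a doc comment on the function: `/// Best-effort, detached cleanup: closes the Tunnelbroker sessions of devices that have already been deleted. Failures are only logged via consume_error and never retried.` Separately, as rendered the parameter type is a bare `Vec`; given that `terminate_device_sessions` takes `&[String]`, this is presumably `Vec<String>` with the type argument lost in page rendering rather than missing from the commit.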
@@ -85,3 +86,20 @@
 }
 Ok(())
 }
+
+pub async fn terminate_device_sessions(
+device_ids: &[String],
+) -> Result<(), Error> {
+let mut tunnelbroker_client = create_tunnelbroker_client().await?;
+
+for device_id in device_ids {
+let request = DeviceConnectionCloseRequest {
+device_id: device_id.to_string(),
+};
+let grpc_message = tonic::Request::new(request);
+tunnelbroker_client
+.force_close_device_connection(grpc_message)
+.await?;
+}
+Ok(())
+}
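Review bot: The `?` on `.force_close_device_connection(grpc_message).await?` returns on the first device whose close fails, so every device later in `device_ids` keeps its Tunnelbroker session open even though its data was already deleted by the caller — and because the only caller runs this in a detached task and passes the error to `consume_error`, nothing retries the remaining ids. The loop should attempt every device, record which ids failed, and only then report the first error, so a single transient gRPC failure cannot leave a batch of deleted devices connected. The `Status -> Error` conversion that `?` already relies on can be reused through `.into()` for the retained error; log the failing `device_id` with the module's existing logging macro where the placeholder comment sits.

```rust
let mut tunnelbroker_client = create_tunnelbroker_client().await?;
let mut first_error: Option<Error> = None;

for device_id in device_ids {
  // … unchanged: build `grpc_message` from DeviceConnectionCloseRequest …
  if let Err(status) = tunnelbroker_client
    .force_close_device_connection(grpc_message)
    .await
  {
    // Keep going: one failed close must not leave the remaining deleted
    // devices' sessions open. The first failure is reported after the loop.
    // TODO(review): log `device_id` and `status` with the module's logging macro.
    first_error.get_or_insert_with(|| status.into());
  }
}
first_error.map_or(Ok(()), Err)
```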