Delete inactive authenticators without access token

I’m implementing and testing MFA in our app… as part of the process, it seems that I’ve created too many authenticators… Now I can’t “enroll” and complete mfa with my test user… which means I can’t get the access token required to delete authenticators… is there a way via the tenant console that I can see and delete inactive authenticators? I can retrieve the list via /mfa/authenticators and the mfa_token… but I can’t delete them.