diff --git a/src/spaceone/identity/manager/secret_manager.py b/src/spaceone/identity/manager/secret_manager.py
index b21d6bd..e72ae62 100644
--- a/src/spaceone/identity/manager/secret_manager.py
+++ b/src/spaceone/identity/manager/secret_manager.py
@@ -129,6 +129,10 @@ def get_user_secret_data(self, user_secret_id: str, domain_id: str = None) -> di
 def delete_user_secret(self, user_secret_id: str) -> None:
 self.secret_conn.dispatch("UserSecret.delete", {"user_secret_id": user_secret_id})
 
+ def delete_user_secret_with_system_token(self, domain_id: str, user_secret_id: str) -> None:
+ system_token = config.get_global("TOKEN")
+ self.secret_conn.dispatch("UserSecret.delete", {"user_secret_id": user_secret_id}, x_domain_id=domain_id, token=system_token)
+
 def get_user_otp_secret_key(self, user_secret_id: str, domain_id: str = None) -> str:
 user_secret_info = self.get_user_secret_data(user_secret_id, domain_id)
 return user_secret_info["otp_secret_key"]
diff --git a/src/spaceone/identity/service/user_service.py b/src/spaceone/identity/service/user_service.py
index 31e6061..cebad9e 100644
--- a/src/spaceone/identity/service/user_service.py
+++ b/src/spaceone/identity/service/user_service.py
@@ -254,7 +254,7 @@ def disable_mfa(self, params: UserDisableMFARequest) -> Union[UserResponse, dict
 if mfa_type == "OTP":
 user_secret_id = user_mfa.get("options", {}).get("user_secret_id")
 secret_manager: SecretManager = self.locator.get_manager(SecretManager)
- secret_manager.delete_user_secret(user_secret_id)
+ secret_manager.delete_user_secret_with_system_token(domain_id, user_secret_id)
 user_mfa = {"state": "DISABLED"}
 self.user_mgr.update_user_by_vo({"mfa": user_mfa}, user_vo)
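Review bot: The new `delete_user_secret_with_system_token` sends `UserSecret.delete` with the global system token, so the delete is no longer bound to the caller's own credentials, and the method does not check that `config.get_global("TOKEN")` returned a value. If it is unset, the method should presumably fail closed rather than dispatch with an empty token. Its parameter order `(domain_id, user_secret_id)` is also the reverse of the siblings `get_user_secret_data` and `get_user_otp_secret_key` visible in this hunk, and both arguments are plain `str`, so a swapped positional call would go unnoticed while running with elevated credentials. I would align it as `def delete_user_secret_with_system_token(self, user_secret_id: str, domain_id: str) -> None:` and update the call in user_service.py to match. A short docstring should also state that the caller must already have authorized the request and taken `user_secret_id` from the target user's own MFA record; whether `config` is imported in this file cannot be seen from the hunk.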
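Review bot: `user_secret_id` comes from chained `.get(...)` calls and can be `None` when the MFA record has no `options.user_secret_id`, yet the changed line passes it straight into the system-token delete. A guard such as `if user_secret_id:` around the call would keep a malformed record from issuing a privileged delete with an empty id. Because the delete now runs with system privileges, every check on who may disable MFA for `user_vo` has to live in `disable_mfa` itself. The start of `disable_mfa`, including where `domain_id` is assigned, is outside this hunk, so it is worth confirming that `domain_id` comes from the authenticated context or `user_vo` rather than from request input. The secret is also deleted before `update_user_by_vo` runs, so a failed update would apparently leave the MFA state unchanged with its secret already gone; a comment on that ordering and an audit log line for the privileged delete would help.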