diff --git a/docs/commands/rhoas_login.md b/docs/commands/rhoas_login.md
index befeca60d..fb07d51a0 100644
--- a/docs/commands/rhoas_login.md
+++ b/docs/commands/rhoas_login.md
@@ -34,14 +34,13 @@ $ rhoas login --token f5cgc...
 ### Options
 
 ```
-      --api-gateway string    URL of the API gateway (default "https://api.openshift.com")
-      --auth-url string       The URL of the SSO Authentication server (default "https://sso.redhat.com/auth/realms/redhat-external")
-      --client-id string      OpenID client identifier (default "rhoas-cli-prod")
-      --insecure              Allow insecure communication with the server by disabling TLS certificate and host name verification
-      --mas-auth-url string   Unused: This flag is no longer valid and will be removed in a future release
-      --print-sso-url         Print the console login URL, which you can use to log in to RHOAS from a different web browser (this is useful if you need to log in with different credentials than the credentials you used in your default web browser)
-      --scope stringArray     Override the default OpenID scope (to specify multiple scopes, use a separate --scope for each scope) (default [openid])
-  -t, --token string          Log in using an offline token, which can be obtained at https://console.redhat.com/openshift/token
+      --api-gateway string   URL of the API gateway (default "https://api.openshift.com")
+      --auth-url string      The URL of the SSO Authentication server (default "https://sso.redhat.com/auth/realms/redhat-external")
+      --client-id string     OpenID client identifier (default "rhoas-cli-prod")
+      --insecure             Allow insecure communication with the server by disabling TLS certificate and host name verification
+      --print-sso-url        Print the console login URL, which you can use to log in to RHOAS from a different web browser (this is useful if you need to log in with different credentials than the credentials you used in your default web browser)
+      --scope stringArray    Override the default OpenID scope (to specify multiple scopes, use a separate --scope for each scope) (default [openid])
+  -t, --token string         Log in using an offline token, which can be obtained at https://console.redhat.com/openshift/token
 ```
 
 ### Options inherited from parent commands
diff --git a/pkg/cmd/login/login.go b/pkg/cmd/login/login.go
index becb648aa..7da8c6959 100644
--- a/pkg/cmd/login/login.go
+++ b/pkg/cmd/login/login.go
@@ -52,7 +52,6 @@ type options struct {
 
 	url                   string
 	authURL               string
-	deprecatedUrl         string
 	clientID              string
 	scopes                []string
 	insecureSkipTLSVerify bool
@@ -94,7 +93,6 @@ func NewLoginCmd(f *factory.Factory) *cobra.Command {
 	cmd.Flags().BoolVar(&opts.insecureSkipTLSVerify, "insecure", false, opts.localizer.MustLocalize("login.flag.insecure"))
 	cmd.Flags().StringVar(&opts.clientID, "client-id", build.DefaultClientID, opts.localizer.MustLocalize("login.flag.clientId"))
 	cmd.Flags().StringVar(&opts.authURL, "auth-url", build.ProductionAuthURL, opts.localizer.MustLocalize("login.flag.authUrl"))
-	cmd.Flags().StringVar(&opts.deprecatedUrl, "mas-auth-url", "", opts.localizer.MustLocalize("login.flag.masAuthUrl"))
 	cmd.Flags().BoolVar(&opts.printURL, "print-sso-url", false, opts.localizer.MustLocalize("login.flag.printSsoUrl"))
 	cmd.Flags().StringArrayVar(&opts.scopes, "scope", kcconnection.DefaultScopes, opts.localizer.MustLocalize("login.flag.scope"))
 	cmd.Flags().StringVarP(&opts.offlineToken, "token", "t", "", opts.localizer.MustLocalize("login.flag.token", localize.NewEntry("OfflineTokenURL", build.OfflineTokenURL)))
diff --git a/pkg/core/localize/locales/en/cmd/login.en.toml b/pkg/core/localize/locales/en/cmd/login.en.toml
index 0562f1633..501d928f9 100644
--- a/pkg/core/localize/locales/en/cmd/login.en.toml
+++ b/pkg/core/localize/locales/en/cmd/login.en.toml
@@ -43,9 +43,6 @@ one = 'OpenID client identifier'
 description = 'Description for the --auth-url flag'
 one = "The URL of the SSO Authentication server"
 
-[login.flag.masAuthUrl]
-one = "Unused: This flag is no longer valid and will be removed in a future release"
-
 [login.flag.token]
 one = "Log in using an offline token, which can be obtained at {{.OfflineTokenURL}}"
 
@@ -65,10 +62,6 @@ one = 'Welcome to RHOAS'
 description = 'Title for the RHOAS login redirect webpage'
 one = 'You are now logged in as <span style="font-weight:700">{{.Username}}</span>.'
 
-[login.masRedirectPage.body]
-description = 'Title for the identity.api.openshift.com login redirect webpage'
-one = 'You are now logged in to <span style="font-weight:700">{{.Host}}</span> as <span style="font-weight:700">{{.Username}}</span>.'
-
 [login.error.schemeMissingFromUrl]
 description = 'Error message for when scheme is missing from the Auth URL'
 one = 'scheme missing from URL "{{.URL}}". Please add either "https" or "https"'
diff --git a/pkg/shared/connection/kcconnection/errors.go b/pkg/shared/connection/kcconnection/errors.go
index faf84f6be..8ce1f324e 100644
--- a/pkg/shared/connection/kcconnection/errors.go
+++ b/pkg/shared/connection/kcconnection/errors.go
@@ -10,22 +10,10 @@ type AuthError struct {
 	Err error
 }
 
-type MasAuthError struct {
-	Err error
-}
-
 func (e *AuthError) Error() string {
 	return fmt.Sprintf("%v", e.Err)
 }
 
-func (e *MasAuthError) Unwrap() error {
-	return e.Err
-}
-
-func (e *MasAuthError) Error() string {
-	return fmt.Sprintf("%v", e.Err)
-}
-
 func (e *AuthError) Unwrap() error {
 	return e.Err
 }