User Sessions

The User Sessions API provides operations to manage user sessions in your org.

End a current user session

Ends Okta sessions for the currently signed in user. By default, the current session remains active. Use this method in a browser-based app.

Note: This operation requires a session cookie for the user. The API token isn't allowed for this operation.

Request
Request Body schema: application/json
keepCurrent
boolean
Default: true

Skip deleting the user's current session when set to true

Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/users/me/lifecycle/delete_sessions
Request samples
application/json
{
  • "keepCurrent": true
}
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

Revoke all user sessions
CORS
OAuth 2.0 scopes:
  • okta.users.manage

Revokes all active identity provider sessions of the user. This forces the user to authenticate on the next operation. Optionally revokes OpenID Connect and OAuth refresh and access tokens issued to the user.

You can also clear the user's remembered factors for all devices using the forgetDevices parameter. See forgetDevices.

Note: This operation doesn't clear the sessions created for web or native apps.

Request
path Parameters
userId
required
string

ID of an existing Okta user

Example: 00ub0oNGTSWTBKOLGLNR
query Parameters
oauthTokens
boolean
Default: false

Revokes issued OpenID Connect and OAuth refresh and access tokens

forgetDevices
boolean
Default: true

Clears the user's remembered factors for all devices.

Note: This parameter defaults to false in Classic Engine.

Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/users/{userId}/sessions
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}