DeleteSession
Terminate an existing session. This invalidates the session and its token. The session can no longer be used for the authentication of other resources or to authenticate against the Zitadel APIs.
You can only terminate your own session, unless you are granted the session.delete permission.
Required permissions:
session.delete- no permission required for own sessions or when providing the current session token
Path Parameters
The unique identifier of the session to be terminated.
Request Body
application/json
The current token of the session, previously returned on the create / update request. The token is required unless either of the following conditions is met:
- the caller created the session
- the authenticated user requests their own session (checked user)
- the security token provided in the authorization header has the same user agent as the session
- the caller is granted the permission session.delete permission on either the instance or on the checked user's organization
Response Body
application/json
curl -X DELETE "https://loading/v2/sessions/string" \ -H "Content-Type: application/json" \ -d '{}'{
"details": {
"sequence": 0,
"changeDate": "2023-01-15T01:30:15.01Z",
"resourceOwner": "string",
"creationDate": "2023-01-15T01:30:15.01Z"
}
}Was this page helpful?
Create Session
Create Session: Create a new session with initial checks, metadata and challenges for further verification. A token will be returned, which is required for using the session as authentication, e.g. when authentica...
Get Session
Get Session: Retrieve a session by its ID. Returns all information about the session, including the factors that were verified, the metadata, user agent information and possible expiration date. The session tok...