ZITADEL Docs

DeleteSession

Terminate an existing session. This invalidates the session and its token. The session can no longer be used for the authentication of other resources or to authenticate against the Zitadel APIs.

You can only terminate your own session, unless you are granted the session.delete permission.

Required permissions:

  • session.delete
  • no permission required for own sessions or when providing the current session token

DELETE /v2/sessions/{session_id}

Path Parameters

session_id (string, required)

The unique identifier of the session to be terminated.

Request Body

application/json

sessionToken (string, optional)

The current token of the session, previously returned on the create or update request. The token is required unless any of the following conditions is met:

  • the caller created the session
  • the authenticated user requests their own session (checked user)
  • the security token provided in the authorization header has the same user agent as the session
  • the caller is granted the session.delete permission on either the instance or on the checked user's organization
[key: string]?never

Response Body

application/json

curl -X DELETE "https://loading/v2/sessions/string" \
  -H "Content-Type: application/json" \
  -d '{}'
{
  "details": {
    "sequence": 0,
    "changeDate": "1s",
    "resourceOwner": "string",
    "creationDate": "1s"
  }
}
{
  "code": "not_found",
  "message": "string",
  "detail": {
    "type": "string",
    "value": "string",
    "debug": {}
  }
}
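
A client-side logout helper for this endpoint, as an added example that is not part of the ZITADEL documentation or code base. BASE_URL, the function names, the Bearer scheme in the authorization header and the outcome strings are assumptions of the example; treating "not_found" as an already terminated session is its own design choice.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

BASE_URL = "https://zitadel.example.com"  # assumption: placeholder instance URL


def build_delete_session(session_id, bearer_token, session_token=None):
    """Build the DELETE /v2/sessions/{session_id} request without sending it."""
    if not session_id:
        raise ValueError("session_id is required")
    # Percent-encode the ID so a value containing '/' or '?' cannot alter the path.
    path = "/v2/sessions/" + urllib.parse.quote(session_id, safe="")
    # sessionToken is optional: include it only when the caller meets none of
    # the listed exemptions (for example, does not hold session.delete).
    body = {"sessionToken": session_token} if session_token else {}
    return urllib.request.Request(
        BASE_URL + path,
        data=json.dumps(body).encode(),
        method="DELETE",
        headers={
            "Content-Type": "application/json",
            "Authorization": "Bearer " + bearer_token,
        },
    )


def interpret_response(ok, payload):
    """Map a response to a logout outcome (outcome names are this example's)."""
    if ok:
        return "terminated"
    # Example's design choice: "not_found" means nothing is left to revoke,
    # so logout stays idempotent. Any other error means the session may
    # still be valid and has to be surfaced to the caller.
    if payload.get("code") == "not_found":
        return "already_gone"
    return "failed"


def delete_session(session_id, bearer_token, session_token=None):
    """Send the request; returns 'terminated', 'already_gone' or 'failed'."""
    req = build_delete_session(session_id, bearer_token, session_token)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return interpret_response(True, json.load(resp))
    except urllib.error.HTTPError as err:
        return interpret_response(False, json.loads(err.read() or b"{}"))
```

A "failed" result should keep the local session marked as active until the termination is confirmed, since the token may still be accepted.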
