ZITADEL Docs

Get Session

Retrieve a session by its ID. Returns all information about the session, including the factors that were verified, the metadata, user agent information and the expiration date, if any. The session token is required unless one of the following conditions is met:

  • the caller created the session
  • the authenticated user requests their own session (checked user)
  • the security token provided in the authorization header has the same user agent as the session
  • the caller is granted the session.read permission on either the instance or on the checked user's organization

Required permissions:

  • session.read
  • no permission required to get own sessions (see above) or when providing the current session token

GET /v2/sessions/{session_id}

Path Parameters

session_id (string, required)

The unique identifier of the session to be retrieved.

Query Parameters

sessionToken (string, optional)

The current token of the session, previously returned on the create / update request. The token is required unless one of the following conditions is met:

  • the caller created the session
  • the authenticated user requests their own session (checked user)
  • the security token provided in the authorization header has the same user agent as the session
  • the caller is granted the session.read permission on either the instance or on the checked user's organization

Response Body

application/json

curl -X GET "https://<your-zitadel-domain>/v2/sessions/<session_id>"
{
  "session": {
    "id": "string",
    "creationDate": "1s",
    "changeDate": "1s",
    "sequence": 0,
    "factors": {
      "user": {
        "verifiedAt": "1s",
        "id": "string",
        "loginName": "string",
        "displayName": "string",
        "organizationId": "string"
      },
      "password": {
        "verifiedAt": "1s"
      },
      "webAuthN": {
        "verifiedAt": "1s",
        "userVerified": true
      },
      "intent": {
        "verifiedAt": "1s"
      },
      "totp": {
        "verifiedAt": "1s"
      },
      "otpSms": {
        "verifiedAt": "1s"
      },
      "otpEmail": {
        "verifiedAt": "1s"
      },
      "recoveryCode": {
        "verifiedAt": "1s"
      }
    },
    "metadata": {
      "property1": "string",
      "property2": "string"
    },
    "userAgent": {
      "fingerprintId": "string",
      "ip": "string",
      "description": "string",
      "header": {
        "property1": {
          "values": [
            "string"
          ]
        },
        "property2": {
          "values": [
            "string"
          ]
        }
      }
    },
    "expirationDate": "1s"
  }
}

{
  "code": "not_found",
  "message": "string",
  "detail": {
    "type": "string",
    "value": "string",
    "debug": {}
  }
}
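
A service that consumes the session response above usually has to decide whether the verified factors are strong and recent enough before trusting the session. The sketch below is an added example, not ZITADEL code: the policy, the function names, the 15-minute window and the sample values are assumptions, and it assumes `verifiedAt` and `expirationDate` arrive as RFC 3339 timestamps.

```python
from datetime import datetime, timedelta, timezone

SECOND_FACTORS = ("webAuthN", "totp", "otpSms", "otpEmail")

def _ts(value):
    """Parse an RFC 3339 timestamp (assumed wire format) into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def fresh_factors(session, now, max_age):
    """Return the names of factors whose verifiedAt lies within max_age of now."""
    fresh = set()
    for name, factor in session.get("factors", {}).items():
        verified = factor.get("verifiedAt")
        if verified and timedelta(0) <= now - _ts(verified) <= max_age:
            fresh.add(name)
    return fresh

def check_session(response, now, max_age=timedelta(minutes=15)):
    """Hypothetical policy: unexpired session, checked user, then either a fresh
    user-verified passkey or a fresh password plus a fresh second factor."""
    session = response.get("session")
    if not session:
        return False, "no session in response"
    expires = session.get("expirationDate")
    if expires and _ts(expires) <= now:
        return False, "session expired"
    factors = session.get("factors", {})
    fresh = fresh_factors(session, now, max_age)
    if "user" not in factors:
        return False, "no checked user"
    # A passkey only counts on its own when the authenticator verified the user.
    if "webAuthN" in fresh and factors["webAuthN"].get("userVerified") is True:
        return True, "passkey with user verification"
    if "password" not in fresh:
        return False, "no fresh first factor"
    if not fresh.intersection(SECOND_FACTORS):
        return False, "no fresh second factor"
    return True, "password plus second factor"

# Constructed sample response (not real data), shaped like the schema above.
SAMPLE = {"session": {
    "factors": {
        "user": {"verifiedAt": "2024-05-01T10:00:00Z", "id": "example-user"},
        "password": {"verifiedAt": "2024-05-01T10:00:05Z"},
        "totp": {"verifiedAt": "2024-05-01T10:00:20Z"},
    },
    "expirationDate": "2024-05-01T18:00:00Z",
}}
NOW = datetime(2024, 5, 1, 10, 5, tzinfo=timezone.utc)
```

Checking freshness per factor matters because a session can stay valid long after its password or OTP check, so `expirationDate` alone says nothing about how recently the user proved anything.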
