DELETE /api/users/{userId}/sessions/{sessionId}

Revoke a specific user session by its ID, optionally revoking associated target grants and tokens.

Path parameters

  • userId string Required

    The unique identifier of the user.

  • sessionId string Required

    The unique identifier of the session.

Query parameters

  • revokeGrantsTarget string

    Optional target for revoking associated grants and tokens. 'all' revokes grants for every application authorized by this session. 'firstParty' revokes only first-party app grants; third-party app grants remain active. If omitted, grants remain active when the session authorizations include offline_access; otherwise they are revoked.

    Values are all or firstParty.

Responses

  • 204

    Session revoked successfully.

  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    Not Found

  • 500

    Internal Server Error

DELETE /api/users/{userId}/sessions/{sessionId}
curl \
 --request DELETE 'https://[tenant_id].logto.app/api/users/{userId}/sessions/{sessionId}' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
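
When a session is revoked as part of incident response, omitting revokeGrantsTarget leaves grants active if the session authorizations include offline_access. The following wrapper is an added example, not part of the original reference or Logto's own tooling; it always states the target explicitly and maps the documented status codes to outcomes. The function names, LOGTO_ENDPOINT, and the ID character check are assumptions made for illustration.

```shell
# Added example: revoke a session and state the grant-revocation scope explicitly.
# LOGTO_ENDPOINT and ACCESS_TOKEN are assumed environment variables.

# Build the request URL. target must be "all", "firstParty", or "" (server default).
build_revoke_url() {
  local base="$1" user_id="$2" session_id="$3" target="$4" id
  for id in "$user_id" "$session_id"; do
    # Assumption: IDs contain only URL-unreserved characters; anything else
    # is refused rather than encoded so it cannot alter the path or query.
    case "$id" in
      ''|*[!A-Za-z0-9._~-]*) echo "invalid id: $id" >&2; return 2 ;;
    esac
  done
  local url="${base%/}/api/users/${user_id}/sessions/${session_id}"
  case "$target" in
    all|firstParty) url="${url}?revokeGrantsTarget=${target}" ;;
    '') ;;  # omitted: grants stay active if the session includes offline_access
    *) echo "revokeGrantsTarget must be all or firstParty" >&2; return 2 ;;
  esac
  printf '%s\n' "$url"
}

# Map the documented status codes to an outcome the caller can act on.
classify_status() {
  case "$1" in
    204) echo revoked ;;
    404) echo not_found ;;
    401|403) echo auth_error ;;
    400) echo bad_request ;;
    *) echo retry_or_escalate ;;    # 500 and anything undocumented
  esac
}

# Send the DELETE. Target defaults to "all" when the third argument is not given.
revoke_session() {
  local url status outcome
  url=$(build_revoke_url "$LOGTO_ENDPOINT" "$1" "$2" "${3-all}") || return 2
  status=$(curl --silent --output /dev/null --write-out '%{http_code}' \
    --request DELETE "$url" --header "Authorization: Bearer $ACCESS_TOKEN")
  outcome=$(classify_status "$status")
  echo "$outcome (HTTP $status)"
  [ "$outcome" = revoked ]
}
```

Call it as `revoke_session <userId> <sessionId>` for a full revocation, or pass `firstParty` as a third argument to leave third-party app grants active.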