Get user active session

GET /api/users/{userId}/sessions/{sessionId}

Retrieve a non-expired session for the user by session ID, including session metadata and interaction details when available.

Path parameters

userId string Required

The unique identifier of the user.
sessionId string Required

The unique identifier of the session.

Responses

200 application/json

Return a non-expired session of the user.
Hide response attributes Show response attributes object
- payload object Required
  
  Hide payload attributes Show payload attributes object
  
  exp number Required
  
  iat number Required
  
  jti string Required
  
  uid string Required
  
  kind string("Session") Required
  
  loginTs number Required
  
  accountId string Required
  
  authorizations object Required
  
  Hide authorizations attribute Show authorizations attribute object
  
  * object Additional properties
  
  Hide * attributes Show * attributes object
  
  sid string
  
  grantId string
  
  persistsLogout boolean
- lastSubmission object | null Required
  
  Hide lastSubmission attributes Show lastSubmission attributes object | null
  
  interactionEvent string Required
  
  Values are SignIn, Register, or ForgotPassword.
  
  userId string Required
  
  verificationRecords array[object] Required
  
  One of:
  object-1 object object-2 object object-3 object object-4 object object-5 object object-6 object object-7 object object-8 object object-9 object object-10 object object-11 object
  
  Hide attributes Show attributes
  
  id string Required
  
  type string("Password") Required
  
  identifier object Required
  
  Hide identifier attributes Show identifier attributes object
  
  type string Required
  
  One of:
  string-1 string string-2 string
  
  Values are username, email, or phone.
  
  Value is userId.
  
  value string Required
  
  verified boolean Required
  
  Hide attributes Show attributes
  
  id string Required
  
  templateType string Required
  
  Values are SignIn, Register, ForgotPassword, OrganizationInvitation, Generic, UserPermissionValidation, BindNewIdentifier, MfaVerification, or BindMfa.
  
  verified boolean Required
  
  type string("EmailVerificationCode") Required
  
  identifier object Required
  
  Hide identifier attributes Show identifier attributes object
  
  type string("email") Required
  
  value string Required
  
  Hide attributes Show attributes
  
  id string Required
  
  templateType string Required
  
  Values are SignIn, Register, ForgotPassword, OrganizationInvitation, Generic, UserPermissionValidation, BindNewIdentifier, MfaVerification, or BindMfa.
  
  verified boolean Required
  
  type string("PhoneVerificationCode") Required
  
  identifier object Required
  
  Hide identifier attributes Show identifier attributes object
  
  type string("phone") Required
  
  value string Required
  
  Hide attributes Show attributes
  
  id string Required
  
  connectorId string Required
  
  type string("Social") Required
  
  socialUserInfo object
  
  Hide socialUserInfo attributes Show socialUserInfo attributes object
  
  id string Required
  
  email string
  
  phone string
  
  name string
  
  avatar string
  
  rawData object | null | array[string | number | boolean | null | object] | string | number | boolean
  
  One of:
  object-1 object | null array-2 array[string | number | boolean | null | object] | null string-3 string | null number-4 number | null boolean-5 boolean | null
  
  arbitrary JSON object
  
  One of:
  string-1 string number-2 number boolean-3 boolean string-4 string | null object-5 object
  
  null value
  
  arbitrary JSON object
  
  Hide attributes Show attributes
  
  id string Required
  
  connectorId string Required
  
  type string("EnterpriseSso") Required
  
  enterpriseSsoUserInfo object
  
  Hide enterpriseSsoUserInfo attributes Show enterpriseSsoUserInfo attributes object
  
  id string Required
  
  email string
  
  phone string
  
  name string
  
  avatar string
  
  rawData object | null | array[string | number | boolean | null | object] | string | number | boolean
  
  One of:
  object-1 object | null array-2 array[string | number | boolean | null | object] | null string-3 string | null number-4 number | null boolean-5 boolean | null
  
  arbitrary JSON object
  
  One of:
  string-1 string number-2 number boolean-3 boolean string-4 string | null object-5 object
  
  null value
  
  arbitrary JSON object
  
  issuer string
  
  Hide attributes Show attributes
  
  id string Required
  
  type string("Totp") Required
  
  userId string Required
  
  verified boolean Required
  
  Hide attributes Show attributes
  
  id string Required
  
  type string("BackupCode") Required
  
  userId string Required
  
  code string
  
  Hide attributes Show attributes
  
  id string Required
  
  verified boolean Required
  
  registrationRpId string
  
  type string("WebAuthn") Required
  
  userId string Required
  
  Hide attributes Show attributes
  
  id string Required
  
  verified boolean Required
  
  registrationRpId string
  
  type string("SignInWebAuthn") Required
  
  userId string
  
  Hide attributes Show attributes
  
  id string Required
  
  type string("OneTimeToken") Required
  
  verified boolean Required
  
  identifier object Required
  
  Hide identifier attributes Show identifier attributes object
  
  type string("email") Required
  
  value string Required
  
  oneTimeTokenContext object
  
  Hide oneTimeTokenContext attribute Show oneTimeTokenContext attribute object
  
  jitOrganizationIds array[string]
  
  Hide attributes Show attributes
  
  id string Required
  
  type string("NewPasswordIdentity") Required
  
  identifier object Required
  
  Hide identifier attributes Show identifier attributes object
  
  type string Required
  
  Values are username, email, or phone.
  
  value string Required
  
  signInContext object
  
  Hide signInContext attribute Show signInContext attribute object
  
  * string Additional properties
- clientId string | null Required
- accountId string | null Required
- expiresAt number Required
400

Bad Request
401

Unauthorized
403

Forbidden
404

Not Found
500

Internal Server Error

GET /api/users/{userId}/sessions/{sessionId}

curl \
 --request GET 'https://[tenant_id].logto.app/api/users/{userId}/sessions/{sessionId}' \
 --header "Authorization: Bearer $ACCESS_TOKEN"

Response examples (200)

{
  "payload": {
    "exp": 42.0,
    "iat": 42.0,
    "jti": "string",
    "uid": "string",
    "kind": "string",
    "loginTs": 42.0,
    "accountId": "string",
    "authorizations": {
      "additionalProperty1": {
        "sid": "string",
        "grantId": "string",
        "persistsLogout": true
      },
      "additionalProperty2": {
        "sid": "string",
        "grantId": "string",
        "persistsLogout": true
      }
    }
  },
  "lastSubmission": {
    "interactionEvent": "SignIn",
    "userId": "string",
    "verificationRecords": [
      {
        "id": "string",
        "type": "string",
        "identifier": {
          "type": "username",
          "value": "string"
        },
        "verified": true
      }
    ],
    "signInContext": {
      "additionalProperty1": "string",
      "additionalProperty2": "string"
    }
  },
  "clientId": "string",
  "accountId": "string",
  "expiresAt": 42.0
}