# Revoke a user session

**DELETE /api/users/{userId}/sessions/{sessionId}**

Revoke a specific user session by its ID, optionally revoking associated target grants and tokens.


## Servers
- Logto endpoint address.: https://[tenant_id].logto.app (Logto endpoint address.)


## Authentication methods
- O auth2


## Parameters

### Path parameters
- **userId** (string)
  The unique identifier of the user.
- **sessionId** (string)
  The unique identifier of the session.

### Query parameters
- **revokeGrantsTarget** (string)
  Optional target for revoking associated grants and tokens. 'all' revokes grants for every application authorized by this session. 'firstParty' revokes only first-party app grants; third-party app grants remain active. If omitted, grants remain active when the session authorizations include offline_access; otherwise they are revoked.


## Responses
### 204
Session revoked successfully.

### 400
Bad Request

### 401
Unauthorized

### 403
Forbidden

### 404
Not Found

### 500
Internal Server Error


[Powered by Bump.sh](https://bump.sh)