Delete session(s) based on query parameters provided.
delete
/oam/services/rest/access/api/v1/session
This api / method can be used to delete sessions based on session id, userid or all sessions belonging to id store.
Request
Query Parameters
-
idStore: string
idStore to which user belongs. This parameter is used on conjunction with the userId parameter. If userId parameter is not provided then this parameter is ignored.
-
sessionId: string
Id of the session which is to be deleted. If this parameter is present then other query parameters are ignored.
-
userId: string
User Id (loginid) of the user whose sessions are to be deleted. This parameter is used if sessionId is not provided. If this parameter is provied then idStoreParameter is also used if provided.
Response
Supported Media Types
- application/json
200 Response
An array of sessions that were deleted (with maximum of 28 sessions) is returned.
Nested Schema : SessionData
Type:
Show Source
object
-
clientIp:
string
Client IP Address for the session.
-
createTime:
string(date-time)
Time at which session was created.
-
expiryTime:
string(date-time)
Expiry Time for the session.
-
idStoreName:
string
Session Identifier where user is located for this session.
-
isImpersonating:
boolean
Indicator if this is impersonating user session.
-
lastAccessTime:
string(date-time)
Last Access Time for session.
-
sessionId:
string
Session Identifier for querying the session.
-
sessionIndex:
string
Unique session identified generated by OAM session engine.
-
updateTime:
string(date-time)
Update Time for session.
-
userAttributes:
object UserAttributes
Additional Properties Allowed: NameValueAttributeCollection of Name Value pair attributes
-
userId(required):
string
User Id with which session is associated.
Nested Schema : UserAttributes
Type:
object
Additional Properties Allowed
Show Source
Collection of Name Value pair attributes
Show Source
Nested Schema : NameValueAttribute
Type:
Show Source
object
-
attrName:
string
Attribute Name
-
attrValue:
string
Attribute Value
404 Response
Session or user was not found. Or sessionId or userId was not provided.
500 Response
Unexpected error
Examples
cURL Example
This is a sample request where sessionId is used to delete a single Session.
curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X "DELETE" “http://<HOST>:<PORT>/oam/services/rest/access/api/v1/session?sessionId= 3b844e4d-9019-4928-9dca-3ba2ebbf475d%7CU90idWYSK4hXcdo6LlVD2%2BJuHBLvbGtCbbhlfmoDvMA%3D”
Example of Request Body
The following example shows the contents of the response body in JSON format.
<?xml version="1.0" encoding="UTF-8"?> <SessionResults> <totalRecords>1</totalRecords> <sessions> <sessionData> <sessionId>3b844e4d-9019-4928-9dca-3ba2ebbf475d|U90idWYSK4hXcdo6LlVD2+JuHBLvbGtCbbhlfmoDvMA=</sessionId> <createTime>2017-05-31T13:57:59.545-07:00</createTime> <updateTime>2017-05-31T13:57:59.545-07:00</updateTime> <lastAccessTime>2017-05-31T13:57:59.545-07:00</lastAccessTime> <expiryTime>2017-05-31T21:57:59.545-07:00</expiryTime> <userId>user5</userId> <clientIp>5.6.7.8</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> </sessions> </SessionResults>
cURL Example
When a user is terminated, the Administrator can search for all the user's sessions using the userId (or optionally using id-store) and delete all the sessions.
This is a sample request where userId is used to delete all the user's sessions.
curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X "DELETE" "http://<HOST>:<PORT>/oam/services/rest/access/api/v1/session?userId=user3"
Example of Request Body
The following example shows the contents of the response body in JSON format.
<?xml version="1.0" encoding="UTF-8"?> <SessionResults> <totalRecords>2</totalRecords> <sessions> <sessionData> <sessionId>32de23f1-9f53-47e7-b4d5-9d0376187241|c+4quN74tM7P6qvbYVqa6BQOg3RYHDsFT3PzPajvEzM=</sessionId> <createTime>2017-05-31T13:56:35.426-07:00</createTime> <updateTime>2017-05-31T13:56:35.426-07:00</updateTime> <lastAccessTime>2017-05-31T13:56:35.426-07:00</lastAccessTime> <expiryTime>2017-05-31T21:56:35.426-07:00</expiryTime> <userId>user3</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> <sessionData> <sessionId>3e8fd79e-03b8-4c90-bf4d-964119460a0a|c+4quN74tM7P6qvbYVqa6BQOg3RYHDsFT3PzPajvEzM=</sessionId> <createTime>2017-05-31T13:56:52.918-07:00</createTime> <updateTime>2017-05-31T13:56:52.918-07:00</updateTime> <lastAccessTime>2017-05-31T13:56:52.918-07:00</lastAccessTime> <expiryTime>2017-05-31T21:56:52.918-07:00</expiryTime> <userId>user3</userId> <clientIp>5.6.7.8</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> </sessions> </SessionResults>