Sessions represent active authentication sessions for users. Use this resource to retrieve, update, revoke, and delete user sessions.
Methods
Get Session
Retrieve session information by session ID.
func (c *Client) Get(
ctx context.Context,
id string,
opts ...option.RequestOption,
) (*management.GetSessionResponseContent, error)
ID of session to retrieve
GetSessionResponseContent
ID of the user which can be used when interacting with other APIs
When the session was created
When the session was last updated
When the user authenticated
When the session expires due to inactivity
Device information for the session
List of client details for the session
Authentication
*SessionAuthenticationSignals
Authentication signals and methods used
Example
ctx := context.Background()
session, err := mgmt.Sessions.Get(ctx, "ses_abc123")
if err != nil {
log.Fatalf("Error retrieving session: %v", err)
}
fmt.Printf("Session ID: %s\n", session.GetID())
fmt.Printf("User ID: %s\n", session.GetUserID())
fmt.Printf("Expires At: %v\n", session.GetExpiresAt())
Update Session
Update session information.
func (c *Client) Update(
ctx context.Context,
id string,
request *management.UpdateSessionRequestContent,
opts ...option.RequestOption,
) (*management.UpdateSessionResponseContent, error)
ID of the session to update
request
*management.UpdateSessionRequestContent
required
Custom metadata to attach to the session
Example
updateRequest := &management.UpdateSessionRequestContent{
SessionMetadata: &management.SessionMetadata{
"last_action": "profile_updated",
"ip_address": "192.168.1.1",
},
}
updatedSession, err := mgmt.Sessions.Update(ctx, "ses_abc123", updateRequest)
if err != nil {
log.Fatalf("Error updating session: %v", err)
}
fmt.Printf("Updated session: %s\n", updatedSession.GetID())
Delete Session
Delete a session by ID.
func (c *Client) Delete(
ctx context.Context,
id string,
opts ...option.RequestOption,
) error
ID of the session to delete
Example
err := mgmt.Sessions.Delete(ctx, "ses_abc123")
if err != nil {
log.Fatalf("Error deleting session: %v", err)
}
fmt.Println("Session deleted successfully")
Revoke Session
Revoke a session by ID and all associated refresh tokens.
func (c *Client) Revoke(
ctx context.Context,
id string,
opts ...option.RequestOption,
) error
ID of the session to revoke
Example
err := mgmt.Sessions.Revoke(ctx, "ses_abc123")
if err != nil {
log.Fatalf("Error revoking session: %v", err)
}
fmt.Println("Session and associated refresh tokens revoked successfully")
Revoking a session also revokes all associated refresh tokens, preventing the user from obtaining new access tokens without re-authenticating.
Session Lifecycle
Sessions have several important timestamps:
- CreatedAt: When the session was initially created
- AuthenticatedAt: When the user last authenticated
- UpdatedAt: When the session was last modified
- LastInteractedAt: When the user last interacted with the application
- ExpiresAt: Absolute expiration time
- IdleExpiresAt: Expiration due to inactivity
You can attach custom metadata to sessions for tracking purposes:
metadata := &management.SessionMetadata{
"last_page": "/dashboard",
"user_agent": "Mozilla/5.0...",
"login_method": "email",
}
Use Cases
Force Logout
Revoke a user’s session to force them to re-authenticate, useful for security incidents or password resets.
Session Monitoring
Retrieve session information to monitor user activity and detect suspicious behavior.
Idle Timeout
Use IdleExpiresAt to implement automatic logout after periods of inactivity.
Multi-Device Management
Track and manage user sessions across multiple devices using session metadata.
Best Practices
Security
Revoke sessions immediately when suspicious activity is detected or when users report their accounts as compromised.
Cleanup
Regularly delete expired sessions to maintain database hygiene and improve performance.
Metadata
Use session metadata to track context-specific information, but avoid storing sensitive data.