Skip to main content

Get Sessions

GET /api/user/sessions

Retrieve all active login sessions for your account.

Request

curl -X GET https://your-zipline.com/api/user/sessions \
  -H "Authorization: YOUR_TOKEN" \
  -H "Cookie: zipline_token=YOUR_SESSION_TOKEN"

Response

current
object
The current session making this request
other
array
Array of other active sessions (excluding the current one)
Example Response
{
  "current": {
    "id": "sess_abc123",
    "createdAt": "2024-03-15T10:30:00.000Z",
    "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0",
    "client": "Chrome",
    "device": "Desktop"
  },
  "other": [
    {
      "id": "sess_def456",
      "createdAt": "2024-03-14T08:15:00.000Z",
      "ua": "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) Safari/604.1",
      "client": "Mobile Safari",
      "device": "Mobile"
    }
  ]
}

Delete Session

DELETE /api/user/sessions

Log out of a specific session or all other sessions. You cannot delete your current session - use the logout endpoint instead.

Request

sessionId
string
ID of the session to delete. Must be a session ID from the other array, not your current session.
all
boolean
Set to true to delete all other sessions (except the current one).
You must provide either sessionId or all: true, but not both.

Delete a Specific Session

curl -X DELETE https://your-zipline.com/api/user/sessions \
  -H "Authorization: YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "sessionId": "sess_def456"
  }'

Delete All Other Sessions

curl -X DELETE https://your-zipline.com/api/user/sessions \
  -H "Authorization: YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "all": true
  }'

Response

Returns the updated session list in the same format as GET /api/user/sessions.
Example Response
{
  "current": {
    "id": "sess_abc123",
    "createdAt": "2024-03-15T10:30:00.000Z",
    "ua": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0",
    "client": "Chrome",
    "device": "Desktop"
  },
  "other": []
}

Errors

  • 400 Bad Request: Attempted to delete current session or session not found
  • 401 Unauthorized: Invalid login session
Error Examples
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Cannot delete current session, use log out instead."
}

{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Session not found in logged in sessions"
}
Deleting sessions will immediately log out those devices. Users will need to log in again on those devices.

Build docs developers (and LLMs) love

Get started for freeTalk to us