Manage user sessions
User session management helps users and admins review active sign-in states and revoke sessions when needed.
In Logto, you can manage sessions through three common paths:
- Account API: For end-user self-service in your product account settings page.
- Management API: For admin or support tools to manage sessions for any user.
- Admin Console: For operator workflows in Logto Console without building custom tooling.
Choose the right API
| Scenario | Recommended API |
|---|---|
| Let signed-in users manage their own active sessions | Account API |
| Let admins or support teams manage sessions for a user | Management API |
| Let operators manage sessions directly in Logto Console | Admin Console |
View active sessions
Account API (self-service)
Use the Account API session endpoint to list the current user's active sessions.
- Reference section: Manage user sessions
- Endpoint:
GET /api/my-account/sessions
Before exposing this capability to end users, make sure session management is enabled in Account center settings and your app requests the required Account API scope.
Management API (admin tools)
Use Management API when your admin system needs to list sessions for a target user.
- Reference section: User session management
- Endpoint:
GET /api/users/{userId}/sessions - Optional details endpoint:
GET /api/users/{userId}/sessions/{sessionId}
Revoke sessions
Account API (end user revokes own sessions)
End users can revoke a specific session from their own session list.
- Reference section: Manage user sessions
- Endpoint:
DELETE /api/my-account/sessions/{sessionId}
For sensitive operations, Account API session management requires user verification before access. See Get a verification record id.
Management API (admin revokes user sessions)
Admins can revoke a target user's session by user ID and session ID.
- Reference section: User session management
- Endpoint:
DELETE /api/users/{userId}/sessions/{sessionId}
Admin Console
If your team manages users directly in Logto Console, you can review active sessions and revoke specific sessions from the user detail page.
- Reference section: Manage user active sessions
Related resources
Sessions Manage user authorized apps (grants)Account settings by Account API: Manage user sessions
Account settings by Management API: User session management
User management: Manage user active sessions