Terminate All Other Sessions
POST
/web/v1/system/security/sessions/terminate-all JWTRequired Gateway Headers
All API requests require gateway headers. See Required Headers for the complete list. In local/test environments, you must also include Cloudflare simulation headers (CF-Connecting-IP, Cf-Ray, cf-ipcountry).
Terminates all sessions except the current one for the authenticated user. Returns the count of terminated sessions as an integer in the data field. An audit log entry is created if any sessions were terminated.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
| Authorization | Bearer | JWT access token |
Request Parameters
No request parameters required.
Request Example
No request body required.
Success Response
Success 200
{
"version": "2.0.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": 2
}The data field contains an integer representing the number of other sessions that were terminated (e.g. 2).
Error Responses
Unauthorized — missing session context 401
{
"success": false,
"code": "ACCESS.UNAUTHORIZED",
"message": "Security context is missing"
}Unauthorized 401
{
"success": false,
"code": "4010",
"message": "Invalid or expired token"
}Notes
- The current session is always preserved; only other sessions are terminated.
- Returns the number of sessions that were terminated (integer). Returns
0if no other sessions existed. - An audit log entry (
ALL_SESSIONS_TERMINATED) withterminatedCountattribute is created when count > 0.