Invalidate user sessions
Technical Preview
Invalidate user sessions that match a query. To use this API, you must be a superuser.
Body
-
match
string Required The method Kibana uses to determine which sessions to invalidate. If it is
all, all existing sessions will be invalidated. If it isquery, only the sessions that match the query will be invalidated.Values are
allorquery. -
query
object The query that Kibana uses to match the sessions to invalidate when the
matchparameter is set toquery.
POST
/api/security/session/_invalidate
curl \
--request POST 'http://localhost:5622/api/security/session/_invalidate' \
--header "Authorization: $API_KEY" \
--header "Content-Type: application/json" \
--header "kbn-xsrf: true" \
--data '"{\n \"match\" : \"all\"\n}"'
Request examples
Invalidate all sessions
Run `POST api/security/session/_invalidate` to invalidate all existing sessions.
{
"match" : "all"
}
Run `POST api/security/session/_invalidate` to invalidate sessions that were created by any SAML authentication provider.
{
"match" : "query",
"query": {
"provider" : { "type": "saml" }
}
}
Run `POST api/security/session/_invalidate` to invalidate sessions that were created by the SAML authentication provider named `saml1`.
{
"match" : "query",
"query": {
"provider" : { "type": "saml", "name": "saml1" }
}
}
Run `POST api/security/session/_invalidate` to invalidate sessions that were created by any OpenID Connect authentication provider for the user with the username `user@my-oidc-sso.com`.
{
"match" : "query",
"query": {
"provider" : { "type": "oidc" },
"username": "user@my-oidc-sso.com"
}
}
Response examples (200)
{
"total": 42
}