API Reference

Zones

Sessions

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Update session

client.Zones.Sessions.Update(ctx, id, params) (*SessionUnion, error)

PATCH/zones/{zoneId}/sessions/{id}

Revokes an active session

ParametersExpand Collapse

id string

params ZoneSessionUpdateParams

ZoneID param.Field[string]

Path param: Zone ID

Status param.Field[ZoneSessionUpdateParamsStatus]

Body param

const ZoneSessionUpdateParamsStatusRevoked ZoneSessionUpdateParamsStatus = "revoked"

ReturnsExpand Collapse

type SessionUnion interface{…}

An authenticated identity session. Sessions can be user sessions (representing end-user authentication) or application sessions (representing service-to-service authentication). User sessions support hierarchical relationships via parent_id, while application sessions are always standalone.

Accepts one of the following:

type SessionUserSessionType struct{…}

User session type-specific fields

SessionType string

UserID string

User ID

ID stringoptional

Session ID

DeprecatedActive booloptional

Whether the session is currently active (deprecated - use status instead)

DeprecatedApplication Applicationoptional

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

ID string

Unique identifier of the application

CreatedAt Time

Entity creation timestamp

formatdate-time

DependenciesCount int64

Number of resource dependencies

Identifier string

User specified identifier, unique within the zone

minLength1

maxLength2048

Name string

Human-readable name

minLength1

maxLength255

OrganizationID string

Organization that owns this application

OwnerType ApplicationOwnerType

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

const ApplicationOwnerTypePlatform ApplicationOwnerType = "platform"

const ApplicationOwnerTypeCustomer ApplicationOwnerType = "customer"

Slug string

URL-safe identifier, unique within the zone

minLength1

maxLength63

UpdatedAt Time

Entity update timestamp

formatdate-time

ZoneID string

Zone this application belongs to

Description stringoptional

Human-readable description

maxLength2048

Metadata Metadataoptional

Entity metadata

DocsURL stringoptional

Documentation URL

formaturi

maxLength2048

Protocols ApplicationProtocolsoptional

Protocol-specific configuration

Oauth2 ApplicationProtocolsOauth2optional

OAuth 2.0 protocol configuration

PostLogoutRedirectUris []stringoptional

OAuth 2.0 post-logout redirect URIs for this application

RedirectUris []stringoptional

OAuth 2.0 redirect URIs for this application

ApplicationID stringoptional

Application ID that initiated this session

AuthenticatedAt Timeoptional

Date when the session was authenticated

formatdate-time

CreatedAt Timeoptional

Entity creation timestamp

formatdate-time

ExpiresAt Timeoptional

Date when session expires

formatdate-time

Issuer stringoptional

Issuer URL from IdP

formaturi

Metadata SessionUserSessionTypeMetadataoptional

Session metadata

Name string

Name of the initiating application or user agent

OrganizationID stringoptional

Organization that owns this session

ParentID stringoptional

Parent session ID for hierarchical sessions (user sessions only). When null, this is a web session - a top-level session initiated directly by a user. When set, this is a child session derived from the parent, used for token refresh or delegation. Application sessions cannot have parents.

ProviderID stringoptional

Provider ID

SessionData map[string, any]optional

Session claims data (ID token claims for users, application claims for applications)

Status stringoptional

Accepts one of the following:

const SessionUserSessionTypeStatusActive SessionUserSessionTypeStatus = "active"

const SessionUserSessionTypeStatusExpired SessionUserSessionTypeStatus = "expired"

const SessionUserSessionTypeStatusRevoked SessionUserSessionTypeStatus = "revoked"

Subject stringoptional

Subject claim from IdP

UpdatedAt Timeoptional

Entity update timestamp

formatdate-time

DeprecatedUser Useroptional

An authenticated user entity

ID string

Unique identifier of the user

CreatedAt Time

Entity creation timestamp

formatdate-time

Email string

Email address of the user

formatemail

EmailVerified bool

Whether the email address has been verified

OrganizationID string

Organization that owns this user

UpdatedAt Time

Entity update timestamp

formatdate-time

ZoneID string

Zone this user belongs to

AuthenticatedAt stringoptional

Date when the user was last authenticated

Issuer stringoptional

Issuer identifier of the identity provider

ProviderID stringoptional

Reference to the identity provider. This field is undefined when the source identity provider is deleted but the user is not deleted.

Subject stringoptional

Subject identifier from the identity provider

DeprecatedUserAgent UserAgentoptional

A User Agent represents a user agent (browser, desktop app, CLI tool) that can initiate user sessions via OAuth 2.0 Dynamic Client Registration.

ID string

Unique identifier of the user agent

CreatedAt Time

Entity creation timestamp

formatdate-time

Identifier string

User agent identifier (serves as OAuth client_id). Format: ua:{sha256_hash}

Name string

Human-readable name

minLength1

maxLength255

OrganizationID string

Organization that owns this user agent

Slug string

URL-safe identifier, unique within the zone

minLength1

maxLength63

UpdatedAt Time

Entity update timestamp

formatdate-time

ZoneID string

Zone this user agent belongs to

UserAgentID stringoptional

User agent ID (browser/client) that initiated this session

ZoneID stringoptional

Zone this session belongs to

type SessionApplicationSessionType struct{…}

Application session type-specific fields

ApplicationID string

Application ID that initiated this session

Issuer string

Issuer URL from IdP

formaturi

ProviderID string

Provider ID

SessionType string

Subject string

Subject claim from IdP

ID stringoptional

Session ID

DeprecatedActive booloptional

Whether the session is currently active (deprecated - use status instead)

DeprecatedApplication Applicationoptional

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

ID string

Unique identifier of the application

CreatedAt Time

Entity creation timestamp

formatdate-time

DependenciesCount int64

Number of resource dependencies

Identifier string

User specified identifier, unique within the zone

minLength1

maxLength2048

Name string

Human-readable name

minLength1

maxLength255

OrganizationID string

Organization that owns this application

OwnerType ApplicationOwnerType

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

const ApplicationOwnerTypePlatform ApplicationOwnerType = "platform"

const ApplicationOwnerTypeCustomer ApplicationOwnerType = "customer"

Slug string

URL-safe identifier, unique within the zone

minLength1

maxLength63

UpdatedAt Time

Entity update timestamp

formatdate-time

ZoneID string

Zone this application belongs to

Description stringoptional

Human-readable description

maxLength2048

Metadata Metadataoptional

Entity metadata

DocsURL stringoptional

Documentation URL

formaturi

maxLength2048

Protocols ApplicationProtocolsoptional

Protocol-specific configuration

Oauth2 ApplicationProtocolsOauth2optional

OAuth 2.0 protocol configuration

PostLogoutRedirectUris []stringoptional

OAuth 2.0 post-logout redirect URIs for this application

RedirectUris []stringoptional

OAuth 2.0 redirect URIs for this application

AuthenticatedAt Timeoptional

Date when the session was authenticated

formatdate-time

CreatedAt Timeoptional

Entity creation timestamp

formatdate-time

ExpiresAt Timeoptional

Date when session expires

formatdate-time

Metadata SessionApplicationSessionTypeMetadataoptional

Session metadata

Name string

Name of the initiating application or user agent

OrganizationID stringoptional

Organization that owns this session

SessionData map[string, any]optional

Session claims data (ID token claims for users, application claims for applications)

Status stringoptional

Accepts one of the following:

const SessionApplicationSessionTypeStatusActive SessionApplicationSessionTypeStatus = "active"

const SessionApplicationSessionTypeStatusExpired SessionApplicationSessionTypeStatus = "expired"

const SessionApplicationSessionTypeStatusRevoked SessionApplicationSessionTypeStatus = "revoked"

UpdatedAt Timeoptional

Entity update timestamp

formatdate-time

ZoneID stringoptional

Zone this session belongs to

Update session

Go

HTTP

TypeScript

Python

Go

package main

import (
  "context"
  "fmt"

  "github.com/keycardai/keycard-go"
)

func main() {
  client := keycard.NewClient(

  )
  session, err := client.Zones.Sessions.Update(
    context.TODO(),
    "id",
    keycard.ZoneSessionUpdateParams{
      ZoneID: "zoneId",
      Status: keycard.ZoneSessionUpdateParamsStatusRevoked,
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", session)
}

200 example

{
  "session_type": "user",
  "user_id": "user_id",
  "id": "id",
  "active": true,
  "application": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "dependencies_count": 0,
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "description": "description",
    "metadata": {
      "docs_url": "https://example.com"
    },
    "protocols": {
      "oauth2": {
        "post_logout_redirect_uris": [
          "https://example.com"
        ],
        "redirect_uris": [
          "https://example.com"
        ]
      }
    }
  },
  "application_id": "application_id",
  "authenticated_at": "2019-12-27T18:11:19.117Z",
  "created_at": "2019-12-27T18:11:19.117Z",
  "expires_at": "2019-12-27T18:11:19.117Z",
  "issuer": "https://example.com",
  "metadata": {
    "name": "name"
  },
  "organization_id": "organization_id",
  "parent_id": "parent_id",
  "provider_id": "provider_id",
  "session_data": {
    "foo": "bar"
  },
  "status": "active",
  "subject": "subject",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "user": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "email": "dev@stainless.com",
    "email_verified": true,
    "organization_id": "organization_id",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "authenticated_at": "authenticated_at",
    "issuer": "issuer",
    "provider_id": "provider_id",
    "subject": "subject"
  },
  "user_agent": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "identifier": "identifier",
    "name": "x",
    "organization_id": "organization_id",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id"
  },
  "user_agent_id": "user_agent_id",
  "zone_id": "zone_id"
}

Returns Examples

200 example

{
  "session_type": "user",
  "user_id": "user_id",
  "id": "id",
  "active": true,
  "application": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "dependencies_count": 0,
    "identifier": "x",
    "name": "x",
    "organization_id": "organization_id",
    "owner_type": "platform",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "description": "description",
    "metadata": {
      "docs_url": "https://example.com"
    },
    "protocols": {
      "oauth2": {
        "post_logout_redirect_uris": [
          "https://example.com"
        ],
        "redirect_uris": [
          "https://example.com"
        ]
      }
    }
  },
  "application_id": "application_id",
  "authenticated_at": "2019-12-27T18:11:19.117Z",
  "created_at": "2019-12-27T18:11:19.117Z",
  "expires_at": "2019-12-27T18:11:19.117Z",
  "issuer": "https://example.com",
  "metadata": {
    "name": "name"
  },
  "organization_id": "organization_id",
  "parent_id": "parent_id",
  "provider_id": "provider_id",
  "session_data": {
    "foo": "bar"
  },
  "status": "active",
  "subject": "subject",
  "updated_at": "2019-12-27T18:11:19.117Z",
  "user": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "email": "dev@stainless.com",
    "email_verified": true,
    "organization_id": "organization_id",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id",
    "authenticated_at": "authenticated_at",
    "issuer": "issuer",
    "provider_id": "provider_id",
    "subject": "subject"
  },
  "user_agent": {
    "id": "id",
    "created_at": "2019-12-27T18:11:19.117Z",
    "identifier": "identifier",
    "name": "x",
    "organization_id": "organization_id",
    "slug": "slug",
    "updated_at": "2019-12-27T18:11:19.117Z",
    "zone_id": "zone_id"
  },
  "user_agent_id": "user_agent_id",
  "zone_id": "zone_id"
}