List sessions

GET/zones/{zoneId}/sessions

Returns sessions in the specified zone. By default, returns entry sessions (app user sessions with an initiator that are roots or direct children of a root user session). Use include_nested=true to include nested sessions. Can be filtered by session type, status, and user.

Path ParametersExpand Collapse

zoneId: string

Query ParametersExpand Collapse

active: optional "true"

after: optional string

Cursor for forward pagination

minLength1

maxLength255

before: optional string

Cursor for backward pagination

minLength1

maxLength255

"expand[]": optional "total_count" or array of "total_count"

Accepts one of the following:

UnionMember0 = "total_count"

UnionMember1 = array of "total_count"

include_nested: optional "true"

Include nested sessions. When false (default), only returns entry sessions (direct children of root user sessions). When true, returns all sessions with an initiator, including nested sessions.

limit: optional number

Maximum number of items to return

minimum1

maximum100

session_type: optional "user" or "application"

Accepts one of the following:

"user"

"application"

status: optional "active" or "expired" or "revoked"

Accepts one of the following:

"active"

"expired"

"revoked"

user_id: optional string

Filter by user ID

ReturnsExpand Collapse

items: array of Session

Accepts one of the following:

IamUserSessionType = object { session_type, user_id, id, 19 more }

User session type-specific fields

session_type: "user"

user_id: string

User ID

id: optional string

Session ID

Deprecatedactive: optional boolean

Whether the session is currently active (deprecated - use status instead)

Deprecatedapplication: optional Application { id, created_at, dependencies_count, 10 more }

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

id: string

Unique identifier of the application

created_at: string

Entity creation timestamp

formatdate-time

dependencies_count: number

Number of resource dependencies

identifier: string

User specified identifier, unique within the zone

minLength1

maxLength2048

Human-readable name

minLength1

maxLength255

organization_id: string

Organization that owns this application

owner_type: "platform" or "customer"

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: string

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: string

Entity update timestamp

formatdate-time

zone_id: string

Zone this application belongs to

description: optional string

Human-readable description

maxLength2048

metadata: optional Metadata { docs_url }

Entity metadata

docs_url: optional string

Documentation URL

formaturi

maxLength2048

protocols: optional object { oauth2 }

Protocol-specific configuration

oauth2: optional object { post_logout_redirect_uris, redirect_uris }

OAuth 2.0 protocol configuration

post_logout_redirect_uris: optional array of string

OAuth 2.0 post-logout redirect URIs for this application

redirect_uris: optional array of string

OAuth 2.0 redirect URIs for this application

application_id: optional string

Application ID that initiated this session

authenticated_at: optional string

Date when the session was authenticated

formatdate-time

created_at: optional string

Entity creation timestamp

formatdate-time

expires_at: optional string

Date when session expires

formatdate-time

issuer: optional string

Issuer URL from IdP

formaturi

metadata: optional object { name }

Session metadata

Name of the initiating application or user agent

organization_id: optional string

Organization that owns this session

parent_id: optional string

Parent session ID for hierarchical sessions (user sessions only). When null, this is a web session - a top-level session initiated directly by a user. When set, this is a child session derived from the parent, used for token refresh or delegation. Application sessions cannot have parents.

provider_id: optional string

Provider ID

session_data: optional map[unknown]

Session claims data (ID token claims for users, application claims for applications)

status: optional "active" or "expired" or "revoked"

Accepts one of the following:

"active"

"expired"

"revoked"

subject: optional string

Subject claim from IdP

updated_at: optional string

Entity update timestamp

formatdate-time

Deprecateduser: optional User { id, created_at, email, 8 more }

An authenticated user entity

id: string

Unique identifier of the user

created_at: string

Entity creation timestamp

formatdate-time

email: string

Email address of the user

formatemail

email_verified: boolean

Whether the email address has been verified

organization_id: string

Organization that owns this user

updated_at: string

Entity update timestamp

formatdate-time

zone_id: string

Zone this user belongs to

authenticated_at: optional string

Date when the user was last authenticated

issuer: optional string

Issuer identifier of the identity provider

provider_id: optional string

Reference to the identity provider. This field is undefined when the source identity provider is deleted but the user is not deleted.

subject: optional string

Subject identifier from the identity provider

Deprecateduser_agent: optional UserAgent { id, created_at, identifier, 5 more }

A User Agent represents a user agent (browser, desktop app, CLI tool) that can initiate user sessions via OAuth 2.0 Dynamic Client Registration.

id: string

Unique identifier of the user agent

created_at: string

Entity creation timestamp

formatdate-time

identifier: string

User agent identifier (serves as OAuth client_id). Format: ua:{sha256_hash}

Human-readable name

minLength1

maxLength255

organization_id: string

Organization that owns this user agent

slug: string

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: string

Entity update timestamp

formatdate-time

zone_id: string

Zone this user agent belongs to

user_agent_id: optional string

User agent ID (browser/client) that initiated this session

zone_id: optional string

Zone this session belongs to

IamApplicationSessionType = object { application_id, issuer, provider_id, 14 more }

Application session type-specific fields

application_id: string

Application ID that initiated this session

issuer: string

Issuer URL from IdP

formaturi

provider_id: string

Provider ID

session_type: "application"

subject: string

Subject claim from IdP

id: optional string

Session ID

Deprecatedactive: optional boolean

Whether the session is currently active (deprecated - use status instead)

Deprecatedapplication: optional Application { id, created_at, dependencies_count, 10 more }

An Application is a software system with an associated identity that can access Resources. It may act on its own behalf (machine-to-machine) or on behalf of a user (delegated access).

id: string

Unique identifier of the application

created_at: string

Entity creation timestamp

formatdate-time

dependencies_count: number

Number of resource dependencies

identifier: string

User specified identifier, unique within the zone

minLength1

maxLength2048

Human-readable name

minLength1

maxLength255

organization_id: string

Organization that owns this application

owner_type: "platform" or "customer"

Who owns this application. Platform-owned applications cannot be modified via API.

Accepts one of the following:

"platform"

"customer"

slug: string

URL-safe identifier, unique within the zone

minLength1

maxLength63

updated_at: string

Entity update timestamp

formatdate-time

zone_id: string

Zone this application belongs to

description: optional string

Human-readable description

maxLength2048

metadata: optional Metadata { docs_url }

Entity metadata

docs_url: optional string

Documentation URL

formaturi

maxLength2048

protocols: optional object { oauth2 }

Protocol-specific configuration

oauth2: optional object { post_logout_redirect_uris, redirect_uris }

OAuth 2.0 protocol configuration

post_logout_redirect_uris: optional array of string

OAuth 2.0 post-logout redirect URIs for this application

redirect_uris: optional array of string

OAuth 2.0 redirect URIs for this application

authenticated_at: optional string

Date when the session was authenticated

formatdate-time

created_at: optional string

Entity creation timestamp

formatdate-time

expires_at: optional string

Date when session expires

formatdate-time

metadata: optional object { name }

Session metadata

Name of the initiating application or user agent

organization_id: optional string

Organization that owns this session

session_data: optional map[unknown]

Session claims data (ID token claims for users, application claims for applications)

status: optional "active" or "expired" or "revoked"

Accepts one of the following:

"active"

"expired"

"revoked"

updated_at: optional string

Entity update timestamp

formatdate-time

zone_id: optional string

Zone this session belongs to

pagination: object { after_cursor, before_cursor, total_count }

Cursor-based pagination metadata

after_cursor: string

An opaque cursor used for paginating through a list of results

minLength1

maxLength255

before_cursor: string

An opaque cursor used for paginating through a list of results

minLength1

maxLength255

total_count: optional number

Total number of items matching the query. Only included when expand[]=total_count is requested.

List sessions

curl https://api.keycard.ai/zones/$ZONE_ID/sessions

{
  "items": [
    {
      "session_type": "user",
      "user_id": "user_id",
      "id": "id",
      "active": true,
      "application": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "dependencies_count": 0,
        "identifier": "x",
        "name": "x",
        "organization_id": "organization_id",
        "owner_type": "platform",
        "slug": "slug",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id",
        "description": "description",
        "metadata": {
          "docs_url": "https://example.com"
        },
        "protocols": {
          "oauth2": {
            "post_logout_redirect_uris": [
              "https://example.com"
            ],
            "redirect_uris": [
              "https://example.com"
            ]
          }
        }
      },
      "application_id": "application_id",
      "authenticated_at": "2019-12-27T18:11:19.117Z",
      "created_at": "2019-12-27T18:11:19.117Z",
      "expires_at": "2019-12-27T18:11:19.117Z",
      "issuer": "https://example.com",
      "metadata": {
        "name": "name"
      },
      "organization_id": "organization_id",
      "parent_id": "parent_id",
      "provider_id": "provider_id",
      "session_data": {
        "foo": "bar"
      },
      "status": "active",
      "subject": "subject",
      "updated_at": "2019-12-27T18:11:19.117Z",
      "user": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "email": "dev@stainless.com",
        "email_verified": true,
        "organization_id": "organization_id",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id",
        "authenticated_at": "authenticated_at",
        "issuer": "issuer",
        "provider_id": "provider_id",
        "subject": "subject"
      },
      "user_agent": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "identifier": "identifier",
        "name": "x",
        "organization_id": "organization_id",
        "slug": "slug",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id"
      },
      "user_agent_id": "user_agent_id",
      "zone_id": "zone_id"
    }
  ],
  "pagination": {
    "after_cursor": "x",
    "before_cursor": "x",
    "total_count": 0
  }
}

Returns Examples

{
  "items": [
    {
      "session_type": "user",
      "user_id": "user_id",
      "id": "id",
      "active": true,
      "application": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "dependencies_count": 0,
        "identifier": "x",
        "name": "x",
        "organization_id": "organization_id",
        "owner_type": "platform",
        "slug": "slug",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id",
        "description": "description",
        "metadata": {
          "docs_url": "https://example.com"
        },
        "protocols": {
          "oauth2": {
            "post_logout_redirect_uris": [
              "https://example.com"
            ],
            "redirect_uris": [
              "https://example.com"
            ]
          }
        }
      },
      "application_id": "application_id",
      "authenticated_at": "2019-12-27T18:11:19.117Z",
      "created_at": "2019-12-27T18:11:19.117Z",
      "expires_at": "2019-12-27T18:11:19.117Z",
      "issuer": "https://example.com",
      "metadata": {
        "name": "name"
      },
      "organization_id": "organization_id",
      "parent_id": "parent_id",
      "provider_id": "provider_id",
      "session_data": {
        "foo": "bar"
      },
      "status": "active",
      "subject": "subject",
      "updated_at": "2019-12-27T18:11:19.117Z",
      "user": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "email": "dev@stainless.com",
        "email_verified": true,
        "organization_id": "organization_id",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id",
        "authenticated_at": "authenticated_at",
        "issuer": "issuer",
        "provider_id": "provider_id",
        "subject": "subject"
      },
      "user_agent": {
        "id": "id",
        "created_at": "2019-12-27T18:11:19.117Z",
        "identifier": "identifier",
        "name": "x",
        "organization_id": "organization_id",
        "slug": "slug",
        "updated_at": "2019-12-27T18:11:19.117Z",
        "zone_id": "zone_id"
      },
      "user_agent_id": "user_agent_id",
      "zone_id": "zone_id"
    }
  ],
  "pagination": {
    "after_cursor": "x",
    "before_cursor": "x",
    "total_count": 0
  }
}