Revoke one of the current user's sessions (log out a device). Requires an end-user access token; a user can only revoke a session belonging to them (enforced by RLS + ownership check).
DELETE
End-user session operationId: revoke/v1/sessions/{id} Authorization
Called from the browser with the publishable application id (x-application-id); the access token lives in memory.
Path parameters
idstring<uuid> requiredSession id to revoke
Responses
200 Revoked
401 No end-user session
403 Not the caller's session
404 No such session
Request
curl -X DELETE "http://localhost:8080/v1/sessions/018f3c4a-7b2e-7c1d-9e0a-1f2b3c4d5e6f" \Try it
live requestDELETE
http://localhost:8080/v1/sessions/018f3c4a-7b2e-7c1d-9e0a-1f2b3c4d5e6f