The current user's sign-in history: recent sessions (active, revoked, and expired), newest first. Self-service — requires an end-user access token. Lets a user review where/when their account was accessed (Item 19), the end-user analogue of the admin audit trail.
GET
End-user session operationId: history/v1/sessions/history Authorization
Called from the browser with the publishable application id (x-application-id); the access token lives in memory.
Responses
200 Sign-in history
{
"data": [
{
"aal": 0,
"created_at": "2026-01-15T09:30:00Z",
"current": false,
"expires_at": "2026-01-15T09:30:00Z",
"factors": [
"string"
],
"id": "018f3c4a-7b2e-7c1d-9e0a-1f2b3c4d5e6f",
"ip": "string",
"last_active_at": "2026-01-15T09:30:00Z",
"user_agent": "string"
}
],
"error": {
"code": "string",
"message": "string"
},
"meta": {
"timestamp": "string"
},
"success": false
} 401 No end-user session
Request
curl -X GET "http://localhost:8080/v1/sessions/history" \Try it
live requestGET
http://localhost:8080/v1/sessions/history