Identity Cloud

View and terminate sessions

If you have configured Identity Cloud to use server-side sessions[1], you can view and terminate users' sessions in the AM admin UI.

Refer to Manage sessions using REST for advanced functionality that is not available in the AM admin UI.

View sessions

  1. In the AM admin UI, go to Realms > Realm Name.

  2. Select Sessions.

  3. The Sessions page appears with a single field in which to enter a username.

    Identity Cloud uses generated UUIDs for usernames. To get a UUID:

    1. In the Identity Cloud admin UI, go to Identities > Manage.

    2. From the Realm Name - Users list, click the user for which you want to obtain the UUID.

    3. Click Raw JSON from the left-hand menu, and copy the value for _id. For example, 0c8a31fa-a763-4fca-9352-0c3cc84a2138.

  4. Paste the UUID in the Session page’s username field.

  5. Click the entry in the drop-down list to search for the user’s sessions.

    If the user has active server-side sessions, Identity Cloud retrieves the sessions for the user and displays them in a table:

    An administrator can view and invalidate server-side sessions.

Terminate sessions

To terminate a user’s server-side session:

  1. View the user’s sessions.

  2. Select the session you want to terminate.

  3. Clicking the Invalidate Selected button.

After you terminate a user’s session, the user must reauthenticate to access resources protected by Identity Cloud.

Deleting a user does not remove a user’s server-side sessions. After deleting a user, use the preceding steps to check for any sessions for the user and invalidate them.

1. This page pertains to server-side sessions only, not authentication sessions or client-side sessions.
Copyright © 2010-2023 ForgeRock, all rights reserved.