Identity Cloud

View and terminate sessions (UI)

If you have configured Identity Cloud to use server-side sessions[1], you can view and terminate users' sessions under Native Consoles > Access Management.

Refer to Manage sessions (REST API) for advanced functionality that’s not available from the UI.

View sessions

  1. Under Native Consoles > Access Management, go to Realms > Realm Name.

  2. Select Sessions.

  3. The Sessions page appears with a single field in which to enter a username.

    Identity Cloud uses generated UUIDs for usernames. To get a UUID:

    1. In the Identity Cloud admin UI, go to Identities > Manage.

    2. From the Realm Name - Users list, click the user for which you want to obtain the UUID.

    3. Click Raw JSON from the left-hand menu, and copy the value for _id. For example, 0c8a31fa-a763-4fca-9352-0c3cc84a2138.

  4. Paste the UUID in the Session page’s username field.

  5. Click the entry in the drop-down list to search for the user’s sessions.

    If the user has active server-side sessions, Identity Cloud retrieves the sessions for the user and displays them in a table:

    An administrator can view and invalidate server-side sessions.

Terminate sessions

To terminate a user’s server-side session:

  1. View the user’s sessions.

  2. Select the session you want to terminate.

  3. Clicking the Invalidate Selected button.

After you terminate a user’s session, the user must reauthenticate to access resources protected by Identity Cloud.

Deleting a user doesn’t remove a user’s server-side sessions. After deleting a user, use the preceding steps to check for any sessions for the user and invalidate them.


1. This page pertains to server-side sessions only, not authentication sessions or client-side sessions.
Copyright © 2010-2024 ForgeRock, all rights reserved.