Terminate All Other Sessions
POST
/web/v1/system/security/sessions/terminate-all JWTTerminates all sessions except the current one for the authenticated user. Returns the count of terminated sessions as an integer in the data field. An audit log entry is created if any sessions were terminated.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
| Authorization | Bearer | JWT access token |
Request Parameters
No request parameters required.
Request Example
No request body required.
Success Response
Success 200
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": 2
}The data field contains an integer representing the number of other sessions that were terminated (e.g. 2).
Error Responses
Unauthorized — missing session context 401
{
"success": false,
"code": "ACCESS.UNAUTHORIZED",
"message": "Security context is missing"
}Unauthorized 401
{
"success": false,
"code": "4010",
"message": "Invalid or expired token"
}Notes
- The current session is always preserved; only other sessions are terminated.
- Returns the number of sessions that were terminated (integer). Returns
0if no other sessions existed. - An audit log entry (
ALL_SESSIONS_TERMINATED) withterminatedCountattribute is created when count > 0.