Server SDKs - Sessions

Create Session

API schema

This method can be used to convert a challenge into an authenticated session. If the challenge associated with the client token was successful, it will return an access token and refresh token.

const request = {
  token: "eyJhbGciOiJ...",
  clientId: "46e10ac5-cb9c-458f-ad86-0f698f67b365",
};

const response = await authsignal.createSession(request);

const accessToken = response.accessToken;
const refreshToken = response.refreshToken;

Validate Session

API schema

This method can be used to validate a session for a given access token. This will ensure both that the token signature is valid and that the token has not been revoked.

const request = {
  accessToken: "eyJhbGciOiJ...",
  clientIds: ["46e10ac5-cb9c-458f-ad86-0f698f67b365"],
};

const response = await authsignal.validateSession(request);

const userId = response.user.userId;
const email = response.user.email;

Refresh Session

API schema

This method can be used to refresh a session for a given refresh token. This will return a new access token and refresh token, revoking any previously issued tokens.

const request = {
  refreshToken: "3f72a26e6834b4da...",
};

const response = await authsignal.refreshSession(request);

const accessToken = response.accessToken;
const refreshToken = response.refreshToken;

Revoke Session

API schema

This method can be used to revoke a session for a given access token.

const request = {
  accessToken: "eyJhbGciOiJ...",
};

await authsignal.revokeSession(request);

Revoke User Sessions

API schema

This method can be used to revoke all active sessions for a given user.

const request = {
  userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
};

await authsignal.revokeUserSessions(request);

Server

Client

​Create Session

API schema

​Validate Session

API schema

​Refresh Session

API schema

​Revoke Session

API schema

​Revoke User Sessions

API schema

Create Session

Validate Session

Refresh Session

Revoke Session

Revoke User Sessions