> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Server SDKs - Sessions

> Use Authsignal's server-side SDK methods for sessions.

### Create Session

<Card title="API schema" icon="file-code" href="/api-reference/server-api/create-session" horizontal />

This method can be used to convert a challenge into an authenticated session. If the challenge associated with the client token was successful, it will return an access token and refresh token.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    token: "eyJhbGciOiJ...",
    clientId: "46e10ac5-cb9c-458f-ad86-0f698f67b365",
  };

  const response = await authsignal.createSession(request);

  const accessToken = response.accessToken;
  const refreshToken = response.refreshToken;
  ```

  ```csharp C# theme={null}
  var request = new CreateSessionRequest(
      Token: "eyJhbGciOiJ...",
      ClientId: "46e10ac5-cb9c-458f-ad86-0f698f67b365"
  );

  var response = await authsignal.CreateSession(request);

  var accessToken = response.AccessToken;
  var refreshToken = response.RefreshToken;
  ```

  ```java Java theme={null}
  CreateSessionRequest request = new CreateSessionRequest();
  request.token = "eyJhbGciOiJ...";
  request.clientId = "46e10ac5-cb9c-458f-ad86-0f698f67b365";

  CreateSessionResponse response = authsignal.createSession(request).get();

  String accessToken = response.accessToken;
  String refreshToken = response.refreshToken;
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.create_session(
      token: "eyJhbGciOiJ...",
      client_id: "46e10ac5-cb9c-458f-ad86-0f698f67b365",
  )

  access_token = response[:access_token]
  refresh_token = response[:refresh_token]
  ```

  ```go Go theme={null}
  response, err := client.CreateSession(
      CreateSessionRequest{
          Token: "eyJhbGciOiJ...",
          ClientId: "46e10ac5-cb9c-458f-ad86-0f698f67b365",
      },
  )



  accessToken := response.AccessToken
  refreshToken := response.RefreshToken
  ```
</CodeGroup>

### Validate Session

<Card title="API schema" icon="file-code" href="/api-reference/server-api/validate-session" horizontal />

This method can be used to validate a session for a given access token. This will ensure both that the token signature is valid and that the token has not been revoked.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    accessToken: "eyJhbGciOiJ...",
    clientIds: ["46e10ac5-cb9c-458f-ad86-0f698f67b365"],
  };

  const response = await authsignal.validateSession(request);

  const userId = response.user.userId;
  const email = response.user.email;
  ```

  ```csharp C# theme={null}
  var request = new ValidateSessionRequest(
      AccessToken: "eyJhbGciOiJ...",
      ClientIds: ["46e10ac5-cb9c-458f-ad86-0f698f67b365"]
  );

  var response = await authsignal.ValidateSession(request);

  var userId = response.User.UserId;
  var email = response.User.Email;
  ```

  ```java Java theme={null}
  ValidateSessionRequest request = new ValidateSessionRequest();
  request.accessToken = "eyJhbGciOiJ...";
  request.clientIds = clientIds = new String[] { "46e10ac5-cb9c-458f-ad86-0f698f67b365" };

  ValidateSessionResponse response = authsignal.validateSession(request).get();

  String userId = response.user.userId;
  String email = response.user.email;
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.validate_session(
      access_token: "eyJhbGciOiJ...",
      client_ids: ["46e10ac5-cb9c-458f-ad86-0f698f67b365"],
  )

  user_id = response[:user][:user_id]
  email = response[:user][:email]
  ```

  ```go Go theme={null}
  response, err := client.ValidateSession(
      ValidateSessionRequest{
          AccessToken: "eyJhbGciOiJ...",
          ClientIds: []string{"46e10ac5-cb9c-458f-ad86-0f698f67b365"}
      },
  )



  userId := response.User.UserId
  email := response.User.Email
  ```
</CodeGroup>

### Refresh Session

<Card title="API schema" icon="file-code" href="/api-reference/server-api/refresh-session" horizontal />

This method can be used to refresh a session for a given refresh token. This will return a new access token and refresh token, revoking any previously issued tokens.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    refreshToken: "3f72a26e6834b4da...",
  };

  const response = await authsignal.refreshSession(request);

  const accessToken = response.accessToken;
  const refreshToken = response.refreshToken;
  ```

  ```csharp C# theme={null}
  var request = new RefreshSessionRequest(
      RefreshToken: "3f72a26e6834b4da...",
  );

  var response = await authsignal.RefreshSession(request);

  var accessToken = response.AccessToken;
  var refreshToken = response.RefreshToken;
  ```

  ```java Java theme={null}
  RefreshSessionRequest request = new RefreshSessionRequest();
  request.refreshToken = "3f72a26e6834b4da...";

  RefreshSessionResponse response = authsignal.refreshSession(request).get();

  String accessToken = response.accessToken;
  String refreshToken = response.refreshToken;
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.refresh_session(
      refresh_token: "3f72a26e6834b4da...",
  )

  access_token = response[:access_token]
  refresh_token = response[:refresh_token]
  ```

  ```go Go theme={null}
  response, err := client.RefreshSession(
      RefreshSessionRequest{
          RefreshToken: "3f72a26e6834b4da...",
      },
  )



  accessToken := response.AccessToken
  refreshToken := response.RefreshToken
  ```
</CodeGroup>

### Revoke Session

<Card title="API schema" icon="file-code" href="/api-reference/server-api/revoke-session" horizontal />

This method can be used to revoke a session for a given access token.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    accessToken: "eyJhbGciOiJ...",
  };

  await authsignal.revokeSession(request);
  ```

  ```csharp C# theme={null}
  var request = new RevokeSessionRequest(
      AccessToken: "eyJhbGciOiJ..."
  );

  await authsignal.RevokeSession(request);
  ```

  ```java Java theme={null}
  RevokeSessionRequest request = new RevokeSessionRequest();
  request.accessToken = "eyJhbGciOiJ...";

  authsignal.revokeSession(request).get();
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.revoke_session(
      access_token: "eyJhbGciOiJ...",
  )
  ```

  ```go Go theme={null}
  err := client.RevokeSession(
      RevokeSessionRequest{
          AccessToken: "eyJhbGciOiJ...",
      },
  )


  ```
</CodeGroup>

### Revoke User Sessions

<Card title="API schema" icon="file-code" href="/api-reference/server-api/revoke-user-sessions" horizontal />

This method can be used to revoke all active sessions for a given user.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
  };

  await authsignal.revokeUserSessions(request);
  ```

  ```csharp C# theme={null}
  var request = new RevokeUserSessionsRequest(
      UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833"
  );

  await authsignal.RevokeUserSessions(request);
  ```

  ```java Java theme={null}
  RevokeUserSessionsRequest request = new RevokeUserSessionsRequest();
  request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";

  authsignal.revokeUserSessions(request).get();
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.revoke_user_sessions(
      user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
  )
  ```

  ```go Go theme={null}
  err := client.RevokeUserSessions(
      RevokeSessionRequest{
          UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      },
  )


  ```
</CodeGroup>
