Revoke sessions - Stytch Docs

Via SDK
Via API

Using the Stytch SDK

Using sessions.revoke()

The sessions.revoke() method clears the member and session objects from local storage unless the SDK cannot contact the Stytch servers.

Example

export const logout = () => {
    stytch.session.revoke();
};

Using the Stytch API

Using sessions.revoke()

The sessions.revoke() endpoint provides two options:

Revoke a single Member Session by providing the member_session_id, session_token, or session_jwt. This is useful when a member may have multiple sessions on different devices and you want to revoke the current session in question only.
Revoke all sessions associated with a member by specifying the member_id. This option is helpful if you need to revoke all sessions for a member.

Example

@app.route("/org/logout", methods=["POST"])
def logout():
    try:
        resp = stytch_client.sessions.revoke(
            session_token=session['stytch_session']
        )
    if resp.status != 200:
            return handle_error(resp.status)
    # Clear the session managed by Flask as well if successful
    session.pop('stytch_session', None)
    return redirect(url_for('org_home'))
    except Exception as e:
        return handle_exception(e)

We recommend showing members a list of all their active sessions so they can revoke any unrecognized session by IP address or user agent.Use custom claims to attach values to the Member Session object via the session_custom_claims parameter.

​Using the Stytch SDK

​Using the Stytch API

Using the Stytch SDK

Using the Stytch API