> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Revoke sessions

> Revoking a session immediately invalidates the session token, effectively logging the user out. Session JWTs are not immediately revoked; they will still validate locally until they hit the 5-minute expiration mark.

<Tabs>
  <Tab title="Via SDK">
    ## Using the Stytch SDK

    <Steps>
      <Step title="Using sessions.revoke()">
        The `sessions.revoke()` [method](/api-reference/b2b/frontend-sdks/react/methods/sessions/revoke-session) clears the member and session objects from local storage unless the SDK cannot contact the Stytch servers.
      </Step>

      <Step title="Example" icon="code">
        ```javascript lines theme={null}
        export const logout = () => {
            stytch.session.revoke();
        };
        ```
      </Step>
    </Steps>
  </Tab>

  <Tab title="Via API">
    ## Using the Stytch API

    <Steps>
      <Step title="Using sessions.revoke()">
        The `sessions.revoke()` [endpoint](/api-reference/b2b/frontend-sdks/react/methods/sessions/revoke-session) provides two options:

        1. Revoke a **single** Member Session by providing the `member_session_id`, `session_token`, or `session_jwt`. This is useful when a member may have multiple sessions on different devices and you want to revoke the current session in question only.
        2. Revoke **all** sessions associated with a member by specifying the `member_id`. This option is helpful if you need to revoke all sessions for a member.
      </Step>

      <Step title="Example" icon="code">
        ```python lines theme={null}
        @app.route("/org/logout", methods=["POST"])
        def logout():
            try:
                resp = stytch_client.sessions.revoke(
                    session_token=session['stytch_session']
                )
            if resp.status != 200:
                    return handle_error(resp.status)
            # Clear the session managed by Flask as well if successful
            session.pop('stytch_session', None)
            return redirect(url_for('org_home'))
            except Exception as e:
                return handle_exception(e)
        ```
      </Step>
    </Steps>
  </Tab>
</Tabs>

<Tip>
  We recommend showing members a list of all their active sessions so they can revoke any unrecognized session by IP address or user agent.

  Use [custom claims](multi-tenant-auth/manage-sessions/custom-claims#add-custom-claims-to-a-session) to attach values to the [Member Session object](/api-reference/b2b/api/sessions/session-object#schema-custom-claims) via the `session_custom_claims` parameter.
</Tip>