Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Admin endpoint to delete the sessions and trigger backchannel logout for a subject #1693
Is your feature request related to a problem? Please describe.
There are cases that we need to force log out a user from all the first-party client applications, e.g., when users reset their password or admins of the account want to revoke a user from a firm.
The documentation explicitly says that
What I am looking for is to invalidate all the existing sessions in the client applications, that have the backchannel logout implemented, immediately (not on next flow execution).
Describe the solution you'd like
Add an additional parameter (e.g.,
Describe alternatives you've considered
I have already had a discussion about this issue on the forum.