Session Service
Port 11004 · 49 endpoints · micro-services/session-service/
Device Trust
| Method | Path | Summary | |
| GET | /trusted-devices | List my trusted devices | detail → |
| POST | /trusted-devices | Trust device | detail → |
| DELETE | /trusted-devices/{device_id} | Revoke my trusted device | detail → |
Session Management
| Method | Path | Summary | |
| GET | /admin/devices/{device_id}/risk | Get Device Risk Score | detail → |
| GET | /admin/sessions | List Sessions (Admin) | detail → |
| GET | /admin/sessions/active-count | Get Active Session Count | detail → |
| DELETE | /admin/sessions/bulk | Batch Revoke Sessions | detail → |
| GET | /admin/sessions/device-fingerprint | Get Session Device Fingerprint | detail → |
| DELETE | /admin/sessions/expired | Clean Expired Sessions | detail → |
| GET | /admin/sessions/risk-score | Get Session Risk Score | detail → |
| GET | /admin/sessions/stats | Get Session Statistics | detail → |
| DELETE | /admin/sessions/user/{user_id} | Revoke All User Sessions | detail → |
| GET | /admin/tokens | List Tokens | detail → |
| GET | /admin/tokens/blacklist | List Blacklisted Tokens | detail → |
| DELETE | /admin/tokens/blacklist/{device_id} | Delete Blacklisted Token | detail → |
| DELETE | /admin/tokens/config | Reset Tenant JWT Configuration | detail → |
| GET | /admin/tokens/config | Get Tenant JWT Configuration | detail → |
| PUT | /admin/tokens/config | Update Tenant JWT Configuration | detail → |
| POST | /admin/tokens/exchange | Token Exchange | detail → |
| POST | /admin/tokens/introspect | Token Introspection | detail → |
| POST | /admin/tokens/revoke-all | Revoke All Tokens | detail → |
| GET | /admin/tokens/{device_id} | Get Token Details | detail → |
| GET | /sessions | List User Sessions | detail → |
| POST | /sessions | Create Session | detail → |
| POST | /sessions/refresh | Refresh Token | detail → |
| POST | /sessions/rotate-access | Rotate Access Token | detail → |
| GET | /sessions/user/{user_id}/sessions | List User Sessions | detail → |
| DELETE | /sessions/{session_id} | Revoke Session | detail → |
| GET | /sessions/{session_id} | Get Session Details | detail → |
| POST | /sessions/{session_id}/activity | Update Session Activity Time | detail → |
| POST | /sessions/{session_id}/upgrade-mfa | Upgrade Session MFA Status | detail → |
| POST | /sessions/{session_id}/validate | Validate Session | detail → |
| POST | /tokens/blacklist | Blacklist Token | detail → |
| GET | /tokens/blacklist/check | Check Token Blacklist Status | detail → |
Session Management - Admin APIs
| Method | Path | Summary | |
| GET | /admin/trusted-devices | Admin list trusted devices | detail → |
| DELETE | /admin/trusted-devices/{device_id} | Admin revoke trusted device | detail → |
Session Management - Internal APIs
| Method | Path | Summary | |
| POST | /internal/session/blacklist-token | Blacklist Token (Internal) | detail → |
| POST | /internal/session/create | Create Session (Internal) | detail → |
| POST | /internal/session/export-user-data | Export User Session Data (Internal) | detail → |
| POST | /internal/session/generate-tokens | Generate Token Pair (Internal) | detail → |
| DELETE | /internal/session/session/user/{user_id} | Revoke All User Sessions (Internal) | detail → |
| GET | /internal/session/sessions/{user_id} | Get User Active Sessions (Internal) | detail → |
| GET | /internal/session/sessions/{user_id}/active | Check User Active Sessions (Internal) | detail → |
| GET | /internal/session/trusted-devices | List trusted devices | detail → |
| POST | /internal/session/trusted-devices | Create trusted device | detail → |
| DELETE | /internal/session/trusted-devices/{device_fingerprint} | Revoke trusted device | detail → |
| POST | /internal/session/validate-token | Validate Access Token (Internal) | detail → |
| GET | /internal/session/{session_id}/usage | Get Session Daily Usage Stats (Internal) | detail → |
| POST | /internal/session/{session_id}/usage | Track Session Usage (Internal) | detail → |