REST API for Session Management in Oracle Access Manager

Delete session(s) based on query parameters provided.

delete

/oam/services/rest/access/api/v1/session

This api / method can be used to delete sessions based on session id, userid or all sessions belonging to id store.

Request

Query Parameters

idStore: string

idStore to which user belongs. This parameter is used on conjunction with the userId parameter. If userId parameter is not provided then this parameter is ignored.
sessionId(optional): string

Id of the session which is to be deleted. If this parameter is present then other query parameters are ignored.
userId: string

User Id (loginid) of the user whose sessions are to be deleted. This parameter is used if sessionId is not provided. If this parameter is provied then idStoreParameter is also used if provided.

Response

Supported Media Types

application/json

200 Response

An array of sessions that were deleted (with maximum of 28 sessions) is returned.

Root Schema : schema

Type: array

Show Source

Array of: object SessionData

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/SessionData"
    }
}

Nested Schema : SessionData

Type: object

Show Source

clientIp(optional): string

Client IP Address for the session.
createTime(optional): string(date-time)

Time at which session was created.
expiryTime(optional): string(date-time)

Expiry Time for the session.
idStoreName(optional): string

Session Identifier where user is located for this session.
isImpersonating(optional): boolean

Indicator if this is impersonating user session.
lastAccessTime(optional): string(date-time)

Last Access Time for session.
sessionId(optional): string

Session Identifier for querying the session.
sessionIndex(optional): string

Unique session identified generated by OAM session engine.
updateTime(optional): string(date-time)

Update Time for session.
userAttributes(optional): object UserAttributes

Additional Properties Allowed: NameValueAttribute

Collection of Name Value pair attributes
userId: string

User Id with which session is associated.

{
    "type":"object",
    "properties":{
        "sessionId":{
            "type":"string",
            "description":"Session Identifier for querying the session."
        },
        "sessionIndex":{
            "type":"string",
            "description":"Unique session identified generated by OAM session engine."
        },
        "createTime":{
            "type":"string",
            "format":"date-time",
            "description":"Time at which session was created."
        },
        "updateTime":{
            "type":"string",
            "format":"date-time",
            "description":"Update Time for session."
        },
        "lastAccessTime":{
            "type":"string",
            "format":"date-time",
            "description":"Last Access Time for session."
        },
        "expiryTime":{
            "type":"string",
            "format":"date-time",
            "description":"Expiry Time for the session."
        },
        "userId":{
            "type":"string",
            "description":"User Id with which session is associated."
        },
        "clientIp":{
            "type":"string",
            "description":"Client IP Address for the session."
        },
        "idStoreName":{
            "type":"string",
            "description":"Session Identifier where user is located for this session."
        },
        "isImpersonating":{
            "type":"boolean",
            "description":"Indicator if this is impersonating user session."
        },
        "userAttributes":{
            "$ref":"#/definitions/UserAttributes"
        }
    },
    "required":[
        "userId"
    ]
}

Nested Schema : UserAttributes

Type: object

Additional Properties Allowed

Show Source

object NameValueAttribute

{
    "description":"Collection of Name Value pair attributes",
    "properties":{
        "default":{
            "$ref":"#/definitions/NameValueAttribute"
        }
    },
    "additionalProperties":{
        "$ref":"#/definitions/NameValueAttribute"
    }
}

Collection of Name Value pair attributes

Show Source

default(optional): object NameValueAttribute

{
    "description":"Collection of Name Value pair attributes",
    "properties":{
        "default":{
            "$ref":"#/definitions/NameValueAttribute"
        }
    },
    "additionalProperties":{
        "$ref":"#/definitions/NameValueAttribute"
    }
}

Nested Schema : NameValueAttribute

Type: object

Show Source

attrName(optional): string

Attribute Name
attrValue(optional): string

Attribute Value

{
    "type":"object",
    "properties":{
        "attrName":{
            "type":"string",
            "description":"Attribute Name"
        },
        "attrValue":{
            "type":"string",
            "description":"Attribute Value"
        }
    }
}

404 Response

Session or user was not found. Or sessionId or userId was not provided.

500 Response

Unexpected error

Root Schema : Error

Type: object

Show Source

code(optional): integer(int32)
fields(optional): string
message(optional): string

{
    "type":"object",
    "properties":{
        "code":{
            "type":"integer",
            "format":"int32"
        },
        "message":{
            "type":"string"
        },
        "fields":{
            "type":"string"
        }
    }
}

Examples

cURL Example

This is a sample request where sessionId is used to delete a single Session.

curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X "DELETE" ???http://<HOST>:<PORT>/oam/services/rest/access/api/v1/session?sessionId= 3b844e4d-9019-4928-9dca-3ba2ebbf475d%7CU90idWYSK4hXcdo6LlVD2%2BJuHBLvbGtCbbhlfmoDvMA%3D???

Example of Request Body

The following example shows the contents of the response body in JSON format.

<?xml version="1.0" encoding="UTF-8"?>
<SessionResults>
<totalRecords>1</totalRecords>
<sessions>
<sessionData>
<sessionId>3b844e4d-9019-4928-9dca-3ba2ebbf475d|U90idWYSK4hXcdo6LlVD2+JuHBLvbGtCbbhlfmoDvMA=</sessionId>
<createTime>2017-05-31T13:57:59.545-07:00</createTime>
<updateTime>2017-05-31T13:57:59.545-07:00</updateTime>
<lastAccessTime>2017-05-31T13:57:59.545-07:00</lastAccessTime>
<expiryTime>2017-05-31T21:57:59.545-07:00</expiryTime>
<userId>user5</userId>
<clientIp>5.6.7.8</clientIp>
<idStoreName>UserIdentityStore1</idStoreName>
<isImpersonating>false</isImpersonating>
</sessionData>
</sessions>
</SessionResults>

cURL Example

When a user is terminated, the Administrator can search for all the user's sessions using the userId (or optionally using id-store) and delete all the sessions.

This is a sample request where userId is used to delete all the user's sessions.

curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X "DELETE" "http://<HOST>:<PORT>/oam/services/rest/access/api/v1/session?userId=user3"

Example of Request Body

The following example shows the contents of the response body in JSON format.

<?xml version="1.0" encoding="UTF-8"?>
<SessionResults>
<totalRecords>2</totalRecords>
<sessions>
<sessionData>
<sessionId>32de23f1-9f53-47e7-b4d5-9d0376187241|c+4quN74tM7P6qvbYVqa6BQOg3RYHDsFT3PzPajvEzM=</sessionId>
<createTime>2017-05-31T13:56:35.426-07:00</createTime>
<updateTime>2017-05-31T13:56:35.426-07:00</updateTime>
<lastAccessTime>2017-05-31T13:56:35.426-07:00</lastAccessTime>
<expiryTime>2017-05-31T21:56:35.426-07:00</expiryTime>
<userId>user3</userId>
<clientIp>1.2.3.4</clientIp>
<idStoreName>UserIdentityStore1</idStoreName>
<isImpersonating>false</isImpersonating>
</sessionData>
<sessionData>
<sessionId>3e8fd79e-03b8-4c90-bf4d-964119460a0a|c+4quN74tM7P6qvbYVqa6BQOg3RYHDsFT3PzPajvEzM=</sessionId>
<createTime>2017-05-31T13:56:52.918-07:00</createTime>
<updateTime>2017-05-31T13:56:52.918-07:00</updateTime>
<lastAccessTime>2017-05-31T13:56:52.918-07:00</lastAccessTime>
<expiryTime>2017-05-31T21:56:52.918-07:00</expiryTime>
<userId>user3</userId>
<clientIp>5.6.7.8</clientIp>
<idStoreName>UserIdentityStore1</idStoreName>
<isImpersonating>false</isImpersonating>
</sessionData>
</sessions>
</SessionResults>