Authentication

Invalidate session

Revoke an active access token to log out a user and end their session.

DELETE
DELETE
DELETE

https://api.docly.com/v1/auth/session

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

200

401

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

200

401

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

200

401

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

Terminate an active authentication session and revoke its associated tokens.

Use this endpoint to log a user out, revoke compromised credentials, or enforce session termination across devices.

Authorizations

Authorization

string

required

A valid access token identifying the session to invalidate.

Format: Authorization: Bearer <access_token>

The token must belong to an active sessio

Authorizations

Authorization

string

required

A valid access token identifying the session to invalidate.

Format: Authorization: Bearer <access_token>

The token must belong to an active sessio

Authorizations

Authorization

string

required

A valid access token identifying the session to invalidate.

Format: Authorization: Bearer <access_token>

The token must belong to an active sessio

Response Fields

success

boolean

required

Indicates whether the session was successfully invalidated.

invalidated_session_id

string

required

Identifier of the session that was terminated.

revoked_tokens

integer

required

Number of tokens revoked as part of the invalidation.

revoked_at

string

required

ISO 8601 timestamp indicating when the session was invalidated.

Example: "2026-02-16T15:42:12Z"

Response Fields

success

boolean

required

Indicates whether the session was successfully invalidated.

invalidated_session_id

string

required

Identifier of the session that was terminated.

revoked_tokens

integer

required

Number of tokens revoked as part of the invalidation.

revoked_at

string

required

ISO 8601 timestamp indicating when the session was invalidated.

Example: "2026-02-16T15:42:12Z"

Response Fields

success

boolean

required

Indicates whether the session was successfully invalidated.

invalidated_session_id

string

required

Identifier of the session that was terminated.

revoked_tokens

integer

required

Number of tokens revoked as part of the invalidation.

revoked_at

string

required

ISO 8601 timestamp indicating when the session was invalidated.

Example: "2026-02-16T15:42:12Z"

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • session_not_found

  • session_already_invalidated

  • unauthorized

  • insufficient_permissions

error_description

string

required

Detailed explanation of why the request failed.

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • session_not_found

  • session_already_invalidated

  • unauthorized

  • insufficient_permissions

error_description

string

required

Detailed explanation of why the request failed.

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • session_not_found

  • session_already_invalidated

  • unauthorized

  • insufficient_permissions

error_description

string

required

Detailed explanation of why the request failed.

Previous

Previous

Previous

Next

Authenticate user

Next

Authenticate user

Next

Need help? Contact Support

Join our Discord Community

Questions? Contact Sales

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

200

401

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

Create a free website with Framer, the website builder loved by startups, designers and agencies.