- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 8.13
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Cases settings
- Enterprise Search settings
- Fleet settings
- i18n settings
- Logging settings
- Logs settings
- Metrics settings
- Monitoring settings
- Reporting settings
- Search sessions settings
- Secure settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- URL drilldown settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Configure security
- Configure reporting
- Configure logging
- Configure monitoring
- Command line tools
- Production considerations
- Discover
- Dashboard and visualizations
- Canvas
- Maps
- Build a map to compare metrics by country or region
- Track, visualize, and alert on assets in real time
- Map custom regions with reverse geocoding
- Heat map layer
- Tile layer
- Vector layer
- Plot big data
- Search geographic data
- Configure map settings
- Connect to Elastic Maps Service
- Import geospatial data
- Troubleshoot
- Reporting and sharing
- Machine learning
- Graph
- Alerting
- Observability
- APM
- Set up
- Get started
- How-to guides
- Configure APM agents with central config
- Control access to APM data
- Create an alert
- Create custom links
- Filter data
- Find transaction latency and failure correlations
- Identify deployment details for APM agents
- Integrate with machine learning
- Exploring mobile sessions with Discover
- Viewing sessions with Discover
- Observe Lambda functions
- Query your data
- Storage Explorer
- Track deployments with annotations
- Users and privileges
- Settings
- REST API
- Troubleshooting
- Security
- Dev Tools
- Fleet
- Osquery
- Stack Monitoring
- Stack Management
- REST API
- Get features API
- Kibana spaces APIs
- Kibana role management APIs
- User session management APIs
- Saved objects APIs
- Data views API
- Get all data views
- Get data view
- Create data view
- Update data view
- Delete data view
- Swap references preview
- Swap references
- Get default data view
- Set default data view
- Update data view fields metadata
- Get runtime field
- Create runtime field
- Upsert runtime field
- Update runtime field
- Delete runtime field
- Index patterns APIs
- Alerting APIs
- Action and connector APIs
- Cases APIs
- Add comment
- Create case
- Delete cases
- Delete comments
- Find case activity
- Find cases
- Find connectors
- Get alerts
- Get case activity
- Get case
- Get case status
- Get cases by alert
- Get comments
- Get configuration
- Get reporters
- Get tags
- Push case
- Set configuration
- Update cases
- Update comment
- Update configuration
- Import and export dashboard APIs
- Logstash configuration management APIs
- Machine learning APIs
- Osquery manager API
- Short URLs APIs
- Get Task Manager health
- Upgrade assistant APIs
- Synthetics APIs
- Uptime APIs
- Kibana plugins
- Troubleshooting
- Accessibility
- Release notes
- Kibana 8.13.4
- Kibana 8.13.3
- Kibana 8.13.2
- Kibana 8.13.1
- Kibana 8.13.0
- Kibana 8.12.2
- Kibana 8.12.1
- Kibana 8.12.0
- Kibana 8.11.4
- Kibana 8.11.3
- Kibana 8.11.2
- Kibana 8.11.1
- Kibana 8.11.0
- Kibana 8.10.4
- Kibana 8.10.3
- Kibana 8.10.2
- Kibana 8.10.1
- Kibana 8.10.0
- Kibana 8.9.2
- Kibana 8.9.1
- Kibana 8.9.0
- Kibana 8.8.2
- Kibana 8.8.1
- Kibana 8.8.0
- Kibana 8.7.1
- Kibana 8.7.0
- Kibana 8.6.1
- Kibana 8.6.0
- Kibana 8.5.2
- Kibana 8.5.1
- Kibana 8.5.0
- Kibana 8.4.3
- Kibana 8.4.2
- Kibana 8.4.1
- Kibana 8.4.0
- Kibana 8.3.3
- Kibana 8.3.2
- Kibana 8.3.1
- Kibana 8.3.0
- Kibana 8.2.3
- Kibana 8.2.2
- Kibana 8.2.1
- Kibana 8.2.0
- Kibana 8.1.3
- Kibana 8.1.2
- Kibana 8.1.1
- Kibana 8.1.0
- Kibana 8.0.0
- Kibana 8.0.0-rc2
- Kibana 8.0.0-rc1
- Kibana 8.0.0-beta1
- Kibana 8.0.0-alpha2
- Kibana 8.0.0-alpha1
- Developer guide
Invalidate user sessions API
editInvalidate user sessions API
edit[preview] This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. Invalidates user sessions that match provided query.
Prerequisite
editTo use the invalidate user sessions API, you must be a superuser
.
Request
editPOST <kibana host>:<port>/api/security/session/_invalidate
Request body
edit-
match
-
(Required, string) Specifies how Kibana determines which sessions to invalidate. Can either be
all
to invalidate all existing sessions, orquery
to only invalidate sessions that match the query specified in the additionalquery
parameter. -
query
-
(Optional, object) Specifies the query that Kibana uses to match the sessions to invalidate when the
match
parameter is set toquery
. You cannot use this parameter ifmatch
is set toall
.Properties of
query
-
provider
-
(Required, object) Describes the authentication providers for which to invalidate sessions.
-
type
-
(Required, string) The authentication provider
type
. -
name
-
(Optional, string) The authentication provider
name
.
-
-
username
- (Optional, string) The username for which to invalidate sessions.
-
Response body
edit-
total
- (number) The number of successfully invalidated sessions.
Response codes
edit-
200
- Indicates a successful call.
-
403
- Indicates that the user may not be authorized to invalidate sessions for other users. Refer to prerequisites.
Examples
editInvalidate all existing sessions:
$ curl -X POST api/security/session/_invalidate { "match" : "all" }
Invalidate sessions that were created by any SAML authentication provider:
$ curl -X POST api/security/session/_invalidate { "match" : "query", "query": { "provider" : { "type": "saml" } } }
Invalidate sessions that were created by the SAML authentication provider with the name saml1
:
$ curl -X POST api/security/session/_invalidate { "match" : "query", "query": { "provider" : { "type": "saml", "name": "saml1" } } }
Invalidate sessions that were created by any OpenID Connect authentication provider for the user with the username user@my-oidc-sso.com
:
$ curl -X POST api/security/session/_invalidate { "match" : "query", "query": { "provider" : { "type": "oidc" }, "username": "user@my-oidc-sso.com" } }