3.6 Sessions

The Sessions page provides insight into active user sessions within the realm. From this page you can view, monitor, and manage user login sessions across applications.

What Is a Session in ZTrust?

A session is a data structure maintained by ZTrust that records who is logged in, when they logged in, and which applications (clients) they have accessed during that login. There are two types:

  • User Session:

    • Created when a user logs in to ZTrust.

    • Tracks the user’s identity, login time, and all clients/applications they access during that session.

    • A single user session can cover multiple client sessions.

  • Client Session:

    • Represents a specific login of a user to a particular client (application).

    • Multiple client sessions can exist within a single user session.

    Example: If a user logs into the realm and accesses three different apps, there will be one user session but three client sessions.

How ZTrust Handles Sessions

Whenever a user logs into a realm, ZTrust automatically:

  • Creates a user session for that individual.

  • Tracks all clients accessed by that user during that session.

  • Maintains session information for authentication and Single Sign-On (SSO).

Available Actions on User Sessions

ZTrust provides several actions to manage user sessions effectively:

1. Revocation

  • Allows you to invalidate all active user sessions and access tokens.

  • Useful in case of:

    • Security breaches

    • Policy changes

    • Forced logout requirements

  • When you click Revocation, you’ll see the following options:

    • Not Before

      • Sets a cut-off date and time.

      • Any session or token issued before this time will automatically become invalid.

    • Set to Now

      • Instantly sets the current date and time as the revocation point.

      • Any session issued before now becomes invalid.

    • Clear

      • Removes the revocation date and time if you no longer want to enforce it.

    • Push

      • Sends the revocation policy to all registered OIDC clients integrated via the ZTrust Client Adapter.

    • Cancel

      • Discards the changes and leaves sessions unaffected.

2. Sign Out All Active Sessions

  Clicking Sign out all active sessions immediately:

    • Logs out all users within the realm.

    • Invalidates all SSO cookies.

    • Forces users to log in again.
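The Not Before cut-off described under Revocation only takes effect on a client if that client compares each token's issue time against the cut-off. The following is an added example, not ZTrust or ZTrust Client Adapter code, showing that check on the client side. `NotBeforePolicy`, its method names, and the use of the standard JWT `iat` claim as the issue time are assumptions of this example, and the token's signature is assumed to have been verified before this check runs.

```python
import base64
import json
import time


def b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token):
    """Payload claims of a compact JWT. Signature is assumed verified already."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    return json.loads(b64url_decode(parts[1]))


class NotBeforePolicy:
    """Hypothetical client-side copy of the realm's revocation cut-off."""

    def __init__(self):
        self.not_before = None  # None = cleared, nothing is enforced

    def push(self, epoch_seconds):  # cut-off received from the server ("Push")
        self.not_before = int(epoch_seconds)

    def set_to_now(self, now=None):  # "Set to Now"
        self.not_before = int(time.time() if now is None else now)

    def clear(self):  # "Clear"
        self.not_before = None

    def accepts(self, token):
        if self.not_before is None:
            return True
        iat = jwt_claims(token).get("iat")
        if isinstance(iat, bool) or not isinstance(iat, (int, float)):
            return False  # no usable issue time: fail closed (this example's choice)
        return iat >= self.not_before  # issued before the cut-off -> invalid


def make_sample_token(iat):
    """Constructed sample token with a placeholder signature; not a real ZTrust token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = {"alg": "RS256", "typ": "JWT"}
    return ".".join([enc(header), enc({"sub": "alice", "iat": iat}), "sig"])
```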
