Hi Team,
I am checking the capabilities of Auth0 for various use cases and need help on Auth0’s session. Below is the scenario
- User accessing the application on Google chrome - Logs to the OAuth application integrated with Auth0 by providing username and password.
- The same user is now accessing the application on Edge - Logs to the OAuth application integrated with Auth0 by providing a username and password.
What I want is once the user executes point#2, I want to kill the session created on Google chrome. So, I have below questions related to the solution -
- Is it possible to invalidate the user’s Auth0 session programmatically?
- Is there a way in Auth0 where I can check if the user has any existing active Auth0 sessions or not?
- Does Auth0 provide any API to check if the given session(by passing session_id from the logs of the user) is valid?
I have gone through the Auth0 authentication API document, and it states the user’s Auth0 session could be invalidated by redirecting it to https://domain/v2/logout endpoint on the browser.