GET /v1/auth/sessions
List the caller's active sessions.
::: tip Auth Required: cookie or Bearer. :::
Request
GET /v1/auth/sessions
Response
200 OK
[
{
"id": "9a4d3c1e-...",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5)...",
"ip_address": "203.0.113.42",
"last_active_at": "2026-05-28T08:14:22Z",
"is_current": true,
"created_at": "2026-05-15T10:30:00Z"
},
{
"id": "b7e2f1c4-...",
"user_agent": "iPhone Safari 17.4",
"ip_address": "198.51.100.7",
"last_active_at": "2026-05-27T22:01:45Z",
"is_current": false,
"created_at": "2026-05-20T14:00:00Z"
}
]
| Field | Notes |
|---|---|
is_current | true only for the session that signed this request. |
user_agent / ip_address | Best-effort. May be null for sessions that arrived without those headers. |
last_active_at | Updated by the auth middleware on every authenticated request (subject to a short debounce). |
Error responses
| Status | Code | When |
|---|---|---|
| 401 | authentication_required | No valid auth credential. |
Notes
- Sessions are sorted by
last_active_atdescending. - Revoked sessions are excluded.