Wallet Core Admin

List Your Sessions

View all active sessions for your account.

Endpoint

GET/auth/admin/sessions

List all active sessions for the authenticated admin.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}

Response- List of sessions

json

{
  "sessions": [
    {
      "session_id": "550e8400-e29b-41d4-a716-446655440000",
      "created_at": "2025-01-14T10:30:00Z",
      "expires_at": "2025-01-21T10:30:00Z",
      "revoked_at": null,
      "current": true,
      "ip_address": "192.168.1.100",
      "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)",
      "last_used_at": "2025-01-14T12:00:00Z"
    },
    {
      "session_id": "660e8400-e29b-41d4-a716-446655440001",
      "created_at": "2025-01-10T08:00:00Z",
      "expires_at": "2025-01-17T08:00:00Z",
      "revoked_at": null,
      "current": false,
      "ip_address": "10.0.0.50",
      "user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0)",
      "last_used_at": "2025-01-13T15:30:00Z"
    }
  ]
}

Session Fields

Field	Type	Description
session_id	UUID	Unique session identifier
created_at	timestamp	When the session was created
expires_at	timestamp	When the session will expire
revoked_at	timestamp	When revoked (null if active)
current	boolean	True if this is the current session
ip_address	string	IP address of the session
user_agent	string	Browser/device user agent
last_used_at	timestamp	Last activity time

Revoke Session

Terminate a specific session.

Endpoint

DELETE/auth/admin/sessions/{sessionID}

Revoke a specific session. The session will be immediately invalidated.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}

Path Parameters

Parameter	Type	Required	Description
`sessionID`	string	Yes	UUID of the session to revoke

Response- No content on success (HTTP 204)

json

Error Responses

Status	Code	Description
404	`not_found`	Session not found or already revoked

Revoke All Sessions

Terminate all your sessions at once.

Endpoint

POST/auth/admin/sessions/revoke-all

Revoke all sessions for the authenticated admin. Optionally preserve the current session.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}
`Content-Type`	string	Yes	application/json

Request Body- Revocation options

json

{
  "include_current": false
}

Response- No content on success (HTTP 204)

json

Request Body Parameters

Field	Type	Default	Description
include_current	boolean	false	If true, also revokes the current session (logs you out)

List User Sessions (Admin)

View sessions for another admin user.

Endpoint

GET/auth/admin/users/{userID}/sessions

List all sessions for a specific admin user. Requires admin role.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}

Path Parameters

Parameter	Type	Required	Description
`userID`	string	Yes	UUID of the admin user

Response- List of user's sessions

json

{
  "sessions": [
    {
      "session_id": "550e8400-e29b-41d4-a716-446655440000",
      "created_at": "2025-01-14T10:30:00Z",
      "expires_at": "2025-01-21T10:30:00Z",
      "current": false,
      "ip_address": "192.168.1.100",
      "user_agent": "Mozilla/5.0...",
      "last_used_at": "2025-01-14T12:00:00Z"
    }
  ]
}

Error Responses

Status	Code	Description
403	`forbidden`	Admin role required

Revoke User Session (Admin)

Terminate a specific session for another user.

Endpoint

DELETE/auth/admin/users/{userID}/sessions/{sessionID}

Revoke a specific session for another admin user. Requires admin role.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}

Path Parameters

Parameter	Type	Required	Description
`userID`	string	Yes	UUID of the admin user
`sessionID`	string	Yes	UUID of the session to revoke

Response- No content on success (HTTP 204)

json

Error Responses

Status	Code	Description
403	`forbidden`	Admin role required
404	`not_found`	Session not found

Revoke All User Sessions (Admin)

Terminate all sessions for another user.

Endpoint

POST/auth/admin/users/{userID}/sessions/revoke-all

Revoke all sessions for a specific admin user. Requires admin role.

Headers

Parameter	Type	Required	Description
`Authorization`	string	Yes	Bearer {access_token}

Path Parameters

Parameter	Type	Required	Description
`userID`	string	Yes	UUID of the admin user

Response- No content on success (HTTP 204)

json

Error Responses

Status	Code	Description
403	`forbidden`	Admin role required

Documentation

Session Management

List Your Sessions

Endpoint

Session Fields

Revoke Session

Endpoint

Revoke All Sessions

Endpoint

Request Body Parameters

List User Sessions (Admin)

Endpoint

Revoke User Session (Admin)

Endpoint

Revoke All User Sessions (Admin)

Endpoint