Revoke every session of an account for the calling application.
const url = 'https://connect-api.sudomimus.com/revoke-all';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"subject":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://connect-api.sudomimus.com/revoke-all \ --header 'Content-Type: application/json' \ --data '{ "subject": "example" }'Revokes all refresh tokens belonging to the given account that were issued for the calling application (log out everywhere). This is an application-authority action — not something a single session capability can authorize — so it requires a client-auth JWT, exactly like /establish. Revocation is scoped to the calling application; sessions of the same account under other applications are unaffected.
Authorizations
Section titled “Authorizations ”Request Body required
Section titled “Request Body required ”object
The sector subject the application sees for the user (the access / id token sub). Reverse-mapped server-side to the underlying account, whose sessions are then revoked for the calling application. A subject the application has never been issued (or one from another sector) revokes nothing.
Example generated
{ "subject": "example"}Responses
Section titled “ Responses ”Number of sessions revoked.
object
Number of refresh tokens that were revoked.
Example generated
{ "revokedCount": 1}Client-auth JWT missing, malformed, expired, or invalid.
Error response body. The Connect service emits { "reason": "<SymbolDescription>" }
for known failure modes. When the reason symbol’s description begins with
PRIVATE, the body is empty (zero bytes) and only the HTTP status carries
signal — both reason and the body itself are absent in that case.
object
Stable machine-readable reason code.
Example generated
{ "reason": "example"}default
Section titled “default ”Error response.
Error response body. The Connect service emits { "reason": "<SymbolDescription>" }
for known failure modes. When the reason symbol’s description begins with
PRIVATE, the body is empty (zero bytes) and only the HTTP status carries
signal — both reason and the body itself are absent in that case.
object
Stable machine-readable reason code.
Example generated
{ "reason": "example"}