Revoke all sessions for the current user and clear cookies
Idempotent. If no valid session exists, the route still returns 200 and clears cookies.
curl -X POST "https://mail.haltman.io/api/auth/sign-out-all" \
-H "Content-Type: application/json" \
-H "X-CSRF-Token: YOUR_API_KEY"
import requests
import json
url = "https://mail.haltman.io/api/auth/sign-out-all"
headers = {
"Content-Type": "application/json",
"X-CSRF-Token": "YOUR_API_KEY"
}
response = requests.post(url, headers=headers)
print(response.json())
const response = await fetch("https://mail.haltman.io/api/auth/sign-out-all", {
method: "POST",
headers: {
"Content-Type": "application/json",
"X-CSRF-Token": "YOUR_API_KEY"
}
});
const data = await response.json();
console.log(data);
package main
import (
"fmt"
"net/http"
)
func main() {
req, err := http.NewRequest("POST", "https://mail.haltman.io/api/auth/sign-out-all", nil)
if err != nil {
panic(err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-CSRF-Token", "YOUR_API_KEY")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
fmt.Println("Response Status:", resp.Status)
}
require 'net/http'
require 'json'
uri = URI('https://mail.haltman.io/api/auth/sign-out-all')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Post.new(uri)
request['Content-Type'] = 'application/json'
request['X-CSRF-Token'] = 'YOUR_API_KEY'
response = http.request(request)
puts response.body
{
"ok": true,
"action": "sign_out_all",
"signed_out_all": true,
"sessions_revoked": 42
}
{
"error": "Forbidden",
"message": "You don't have permission to access this resource",
"code": 403
}
POST
/api/auth/sign-out-all
POST
API Key (cookie: __Host-access)
__Host-accessstring
RequiredAccess-session cookie used for user and admin authentication.
Access-session cookie used for user and admin authentication.
API Key (header: X-CSRF-Token)
X-CSRF-Tokenstring
RequiredCSRF token derived from the current session family.
CSRF token derived from the current session family.
Request Preview
Response
Response will appear here after sending the request
Authentication
path
parameterstring
RequiredAPI Key for authentication. Access-session cookie used for user and admin authentication.
header
X-CSRF-Tokenstring
RequiredAPI Key for authentication. CSRF token derived from the current session family.
Responses
okboolean
Requiredactionstring
RequiredAllowed values:
sign_out_allsigned_out_allboolean
Requiredsessions_revokedinteger
RequiredWas this page helpful?
Last updated 2 days ago
Built with Documentation.AI