POST
/
sessions
/
validate
Validate a session
curl --request POST \
  --url https://{tenant_id}.hanko.io/sessions/validate \
  --header 'Content-Type: application/json' \
  --data '{
  "session_token": "<string>"
}'
{
  "is_valid": true,
  "expiration_time": "2023-11-07T05:31:56Z",
  "user_id": "<string>",
  "claims": {
    "subject": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c",
    "issued_at": "2023-11-07T05:31:56Z",
    "expiration": "2023-11-07T05:31:56Z",
    "audience": [
      "<string>"
    ],
    "issuer": "<string>",
    "email": {
      "address": "jsmith@example.com",
      "is_primary": true,
      "is_verified": true
    },
    "session_id": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"
  }
}

Body

application/json
session_token
string<JWT>
required

The session token (JWT) to validate

Response

Session validation response

is_valid
boolean

Indicates whether the session is valid or not

expiration_time
string<date-time>
deprecated

Date-time indicating the expiration of the session. Deprecated, please use claims.expiration instead.

user_id
string<uuid4>
deprecated

The ID of the user the session is associated with. Deprecated, please use claims.subject instead.

claims
object

The claims extracted from a JWT.