The sessions
endpoint provides information about the application’s HTTP sessions that are managed by Spring Session.
Retrieving Sessions
To retrieve the sessions, make a GET
request to /actuator/sessions
, as shown in the following curl-based example:
$ curl 'http://localhost:8080/actuator/sessions?username=alice' -i -X GET
The preceding examples retrieves all of the sessions for the user whose username is alice
.
The resulting response is similar to the following:
HTTP/1.1 200 OK
Content-Type: application/vnd.spring-boot.actuator.v3+json
Content-Length: 789
{
"sessions" : [ {
"id" : "dcb8205c-bf12-4a67-8276-3465388cf3f1",
"attributeNames" : [ ],
"creationTime" : "2024-09-19T07:28:37.000609935Z",
"lastAccessedTime" : "2024-09-19T09:28:25.000610867Z",
"maxInactiveInterval" : 1800,
"expired" : false
}, {
"id" : "4db5efcc-99cb-4d05-a52c-b49acfbb7ea9",
"attributeNames" : [ ],
"creationTime" : "2024-09-19T04:28:37.000603813Z",
"lastAccessedTime" : "2024-09-19T09:28:00.000606348Z",
"maxInactiveInterval" : 1800,
"expired" : false
}, {
"id" : "e9cea084-1112-4c42-8f21-3c4dae14b6f0",
"attributeNames" : [ ],
"creationTime" : "2024-09-18T21:28:36.996894519Z",
"lastAccessedTime" : "2024-09-19T09:27:51.996900210Z",
"maxInactiveInterval" : 1800,
"expired" : false
} ]
}
Query Parameters
The endpoint uses query parameters to limit the sessions that it returns. The following table shows the single required query parameter:
Parameter | Description |
---|---|
|
Name of the user. |
Response Structure
The response contains details of the matching sessions. The following table describes the structure of the response:
Path | Type | Description |
---|---|---|
|
|
Sessions for the given username. |
|
|
ID of the session. |
|
|
Names of the attributes stored in the session. |
|
|
Timestamp of when the session was created. |
|
|
Timestamp of when the session was last accessed. |
|
|
Maximum permitted period of inactivity, in seconds, before the session will expire. |
|
|
Whether the session has expired. |
Parameter | Description |
---|---|
|
Name of the user. |
Path | Type | Description |
---|---|---|
|
|
Sessions for the given username. |
|
|
ID of the session. |
|
|
Names of the attributes stored in the session. |
|
|
Timestamp of when the session was created. |
|
|
Timestamp of when the session was last accessed. |
|
|
Maximum permitted period of inactivity, in seconds, before the session will expire. |
|
|
Whether the session has expired. |
Retrieving a Single Session
To retrieve a single session, make a GET
request to /actuator/sessions/{id}
, as shown in the following curl-based example:
$ curl 'http://localhost:8080/actuator/sessions/4db5efcc-99cb-4d05-a52c-b49acfbb7ea9' -i -X GET
The preceding example retrieves the session with the id
of 4db5efcc-99cb-4d05-a52c-b49acfbb7ea9
.
The resulting response is similar to the following:
HTTP/1.1 200 OK
Content-Type: application/vnd.spring-boot.actuator.v3+json
Content-Length: 208
{"id":"4db5efcc-99cb-4d05-a52c-b49acfbb7ea9","attributeNames":[],"creationTime":"2024-09-19T04:28:37.000603813Z","lastAccessedTime":"2024-09-19T09:28:00.000606348Z","maxInactiveInterval":1800,"expired":false}
Response Structure
The response contains details of the requested session. The following table describes the structure of the response:
Path | Type | Description |
---|---|---|
|
|
ID of the session. |
|
|
Names of the attributes stored in the session. |
|
|
Timestamp of when the session was created. |
|
|
Timestamp of when the session was last accessed. |
|
|
Maximum permitted period of inactivity, in seconds, before the session will expire. |
|
|
Whether the session has expired. |
Path | Type | Description |
---|---|---|
|
|
ID of the session. |
|
|
Names of the attributes stored in the session. |
|
|
Timestamp of when the session was created. |
|
|
Timestamp of when the session was last accessed. |
|
|
Maximum permitted period of inactivity, in seconds, before the session will expire. |
|
|
Whether the session has expired. |
Deleting a Session
To delete a session, make a DELETE
request to /actuator/sessions/{id}
, as shown in the following curl-based example:
$ curl 'http://localhost:8080/actuator/sessions/4db5efcc-99cb-4d05-a52c-b49acfbb7ea9' -i -X DELETE
The preceding example deletes the session with the id
of 4db5efcc-99cb-4d05-a52c-b49acfbb7ea9
.