Managing Server Side Sessions with AdminUI
Server Side Sessions were a feature brought out in IdentityServer Duende 6.1. This feature allows you to store session state in the database rather than in a cookie.
If you want to read more about server side sessions including how to enable them you can read the official duende release article
Server side sessions can either be viewed under the "Users" section in the navigation or per user when editing a user e.g:
On these pages you can:
- Filter sessions
- Find all sessions created since a given date
- Find all sessions expired before a given date
- Search by Subject
- Delete Records
- This just calls delete
- If you want more fully fledged deletion we offer a webhook so you can call off to an endpoint
To view the records you will need any of these permissions: - All - All Read Only - User Manager - User Manager Read Only
To delete records you need any of the following permissions: - All - User Manager
Deleting a session
By default AdminUI will only remove the session from the database. If you want to configure further actions to happen on delete AdminUI provides a Server Side Session webhook that will fire when a session is deleted.
You can find out how to implement this feature in our webhooks section
How to disable
This feature is enabled by default. If you do not intend to use this feature you can disable it by configuring the "EnableSessionManagement" feature flag in your settings.
To do this please refer to our configuration documentation.