Devices
Revoke All User Devices
Revoke access for all devices belonging to a user except the current one
POST
This endpoint requires authentication and the
viewUserDevices permission.Path Parameters
The UUID of the user whose devices to revoke
Response
A successful request returns HTTP 204 No Content status. The following actions are performed:- If the current device belongs to the target user, it is preserved
- All other refresh tokens for the user are blacklisted
- All associated access tokens are blacklisted
- The blacklisted tokens are removed from the database
Error Responses
Error details when the request fails
Common error cases:
- 400 Bad Request: Invalid user ID format
- 401 Unauthorized: Missing or invalid access token
- 403 Forbidden: Insufficient permissions (missing viewUserDevices)
- 404 Not Found: User not found
