Session Management Page
Component Detail
User Interface
medium complexity
frontend
0
Dependencies
0
Dependents
1
Entities
0
Integrations
Description
Admin-facing page that lists active user sessions within an organization with device and last-activity metadata. Allows Org Admins to inspect session details and trigger revocation of individual sessions, as well as configure session policy controls.
session-management-page
Sources & reasoning
Session Management is taxonomy-required at line 380 and operationally grounded by the auth model at lines 152 and 205, which explicitly call out admin-initiated revocation and refresh-token rotation. Not in MVP scope at lines 244-247, so target_release resolves to Core Product per rule 3.
-
docs/source/likeperson.md · line 380Session Management | Session Management Page [ui] | Session Service [service] | Session Store [data]
-
docs/source/likeperson.md · line 205Issues short-lived access tokens plus rotating refresh tokens; sessions survive silently across token expiry and end cleanly when the refresh chain is broken.
-
docs/source/likeperson.md · line 152Session revocation (sign-out, forced expiry, admin-initiated)
Responsibilities
- Render a searchable, filterable list of active sessions per user
- Display device, IP, location, and last-activity metadata for each session
- Provide a revoke action with confirmation dialog for individual sessions
- Expose session-policy controls such as max duration and refresh-token rotation
- Surface success and error feedback after session operations
Interfaces
loadActiveSessions(orgId, userId?): SessionListView
revokeSession(sessionId): RevokeResult
updateSessionPolicy(orgId, policy): PolicyUpdateResult