Managing user sessions and tokens
Starting from release 2024.2, administrators can manage individual user sessions and tokens through the Validate portal.
The manage user sessions permission allows you to:
-
terminate a user's Validate sessions
-
revoke user tokens
Terminate user sessions
Terminating user sessions can be useful when users are logged into Validate from different IP addresses and have reached the limit of two simultaneous open sessions (see Error: Maximum number of open sessions reached).
To terminate user sessions:
-
Navigate to Sessions tab in the Validate portal. A list of users will be displayed.
-
Click the Terminate sessions button next to the specific user sessions you want to end.
Alternatively, you can select Terminate all sessions to end all user sessions.
Revoke user tokens
Revoking user tokens is an essential security measure to ensure that unauthorized access to resources is prevented, especially when a user's credentials are compromised or when access needs to be terminated.
When you revoke a user's token, they will be prompted to generate a new one in order to be authorized into Klocwork. This also means that users who selected the "remember me" option will be required to log in again once their browser session expires.
To revoke user tokens:
-
Navigate to Sessions tab in the Validate portal. A list of users will be displayed.
-
Click the Revoke tokens button next to the specific user tokens you want to revoke.
Alternatively, you can select Revoke all tokens to revoke all user tokens.