Close Secure Session
POST
/web/v1/secure-channel/session/closeNoneInvalidates an existing secure channel session, immediately revoking access to the associated encryption keys. After closure, any requests using this session ID will be rejected.
Authentication
Auth Chain: None — this is a public endpoint. No JWT or Turnstile required.
Request Parameters
| Name | Type | Required | In | Description |
|---|---|---|---|---|
X-Secure-Channel-Session-Id | string | Yes | header | Session ID to invalidate |
Success Response
No Content200
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": null
}Error Responses
Bad Request400
{
"success": false,
"code": "4000",
"message": "Session ID header is required"
}Notes
- Closing a session is idempotent; closing an already-closed or expired session does not produce an error.
- Sessions also expire automatically based on their configured TTL.
- Clients should close sessions explicitly when they are no longer needed to minimize the window of key exposure.