Clear user-specific session settings—the session duration and what happens when the client closes—for a list of users.

Required Params

• user_ids - The IDs of users you'd like to clear session settings for. ex: ['U1234']

Errors the API can return:

• unknown_method - This method is currently not available.
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is only available to Enterprise customers.
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• bots_not_allowed - Bot users may not have their settings cleared.
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - There was an error finding a requested user.
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• invalid_arguments - Required arguments either were not provided or contain invalid values.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - There was an internal error processing this request—please retry.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• not_an_admin - The owner of this token isn't an Org Owner or Admin.
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The provided token doesn't have access to this endpoint.
• admin_unauthorized - The owner of this token isn't authorized to clear sessions.

Get user-specific session settings—the session duration and what happens when the client closes—given a list of users.

Required Params

• user_ids - The IDs of users you'd like to fetch session settings for. Note: if a user does not have any active sessions, they will not be returned in the response. ex: ['U1234']

Errors the API can return:

• unknown_method - This method is currently not available.
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is only available to Enterprise customers.
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• restricted_action - The owner of this token isn't an Org Owner or Admin.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• bots_not_allowed - Bot sessions are not listed by this method.
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - There was an error finding the requested user.
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• invalid_arguments - Required arguments either were not provided or contain invalid values.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - There was an internal error processing this request—please retry.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• not_an_admin - The owner of this token isn't an Org Owner or Admin.
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The provided token doesn't have access to this endpoint.
• admin_unauthorized - The owner of this token isn't authorized to list sessions.

Revoke a single session for a user. The user will be forced to login to Slack.

Required Params

• session_id - ID of the session to invalidate. ex: 12345
• user_id - ID of the user that the session belongs to. ex: U12345

Optional Params

• team_id - ID of the workspace that the session belongs to. ex: T1234

Errors the API can return:

• unknown_method - This method is currently not available.
• session_not_found - The requested session wasn't found.
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - The token provided can't call this method.
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• session_invalidation_failed - There was an error invalidating the session.
• user_not_found - The requested user wasn't found.
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• cannot_invalidate_primary_owner - Only the primary owner of an organization can invalidate a primary owner's sessions.
• invalid_arguments - The method was called with invalid arguments.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - The server could not complete your operation(s) without encountering an error, likely due to a transient issue on our end. It's possible some aspect of the operation succeeded before the error was raised.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• not_an_admin - This method must be called by an Org Owner or Admin.
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The provided token doesn't have access to this endpoint.
• admin_unauthorized - The token provided doesn't have permission to revoke a session.

List active user sessions for an organization

Optional Params

• cursor - Set cursor to next_cursor returned by the previous call to list items in the next page. ex: 5c3e53d5
• limit - The maximum number of items to return. Must be between 1 - 1000 both inclusive. ex: 100
• team_id - The ID of the workspace you'd like active sessions for. If you pass a team_id, you'll need to pass a user_id as well. If no user_id and team_id are passed, you'll receive a paginated list of all sessions. When you pass user_id and team_id (which must be used together), you'll receive a list of active sessions by that user on the workspace specified by team_id. ex: T1234
• user_id - The ID of user you'd like active sessions for. If you pass a user_id, you'll need to pass a team_id as well. If no user_id and team_id are passed, you'll receive a paginated list of all sessions. When you pass user_id and team_id (which must be used together), you'll receive a list of active sessions by that user on the workspace specified by team_id. ex: U1234

Errors the API can return:

• unknown_method - This method is currently not available.
• invalid_cursor - The cursor passed was invalid.
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is only available to Enterprise customers.
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• missing_user - A user_id must be provided with a team_id.
• bots_not_allowed - Bot sessions are not listed by this method.
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - There was an error finding the requested user.
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• invalid_arguments - The method was called with invalid arguments.
• no_active_sessions - No active sessions were found.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• team_not_found - There was an error finding the requested workspace.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - The server could not complete your operation(s) without encountering an error, likely due to a transient issue on our end. It's possible some aspect of the operation succeeded before the error was raised.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• missing_team - A team_id must be provided with a user_id.
• not_an_admin - The owner of this token isn't an Org Owner or Admin.
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The provided token doesn't have access to this endpoint.
• admin_unauthorized - The owner of this token isn't authorized to list sessions.

Wipes all valid sessions on all devices for a given user

Required Params

• user_id - The ID of the user to wipe sessions for ex: W12345678

Optional Params

• mobile_only - Only expire mobile sessions (default: false). Use the web_only and mobile_only parameters to wipe only web or only mobile sessions.
• web_only - Only expire web sessions (default: false). Use the web_only and mobile_only parameters to wipe only web or only mobile sessions.

Errors the API can return:

• unknown_method - This method is currently not available
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is not available for this product level
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - Error fetching user
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• cannot_reset_primary_owner - Only primary owner can reset primary owner's sessions
• invalid_arguments - The method was called with invalid arguments.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - There was an internal error processing this request! Please try again.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• cannot_reset_bot - Cannot reset bot users
• not_an_admin - This method is only accessible by org/compliance team owners and admins
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• user_session_reset_failed - There was an error starting the session reset. Try again.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The token doesn't have access to this endpoint

Enqueues an asynchronous job to wipe all valid sessions on all devices for a given list of users

Required Params

• user_ids - The list of up to 1,000 user IDs to wipe sessions for ex: ["W12345678", "W98765432"]

Optional Params

• mobile_only - Only expire mobile sessions (default: false). Use the web_only and mobile_only parameters to wipe only web or only mobile sessions.
• web_only - Only expire web sessions (default: false). Use the web_only and mobile_only parameters to wipe only web or only mobile sessions.

Errors the API can return:

• unknown_method - This method is currently not available
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is not available for this product level
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• restricted_action - Restricted action.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• session_reset_not_allowed - Only primary owner can reset primary owner's sessions
• ratelimited - The request has been ratelimited. Refer to the Retry-After header for when to retry the request.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - Error fetching user
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• cannot_reset_primary_owner - Only primary owner can reset primary owner's sessions
• invalid_arguments - The method was called with invalid arguments.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - There was an internal error processing this request! Please try again.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• cannot_reset_bot - Cannot reset bot users
• not_an_admin - This method is only accessible by org/compliance team owners and admins
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• user_session_reset_failed - There was an error starting the session reset. Try again.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The token doesn't have access to this endpoint
• failed_for_some_users - Some user ids failed to have their session invalidated. Details in extended comments

Configure the user-level session settings—the session duration and what happens when the client closes—for one or more users.

Required Params

• user_ids - The list of up to 1,000 user IDs to apply the session settings for ex: ['U12345','U67890']

Optional Params

• desktop_app_browser_quit - Terminate the session when the client—either the desktop app or a browser window—is closed. ex: true
• duration - The session duration, in seconds. The minimum value is 28800, which represents 8 hours; the max value is 315569520 or 10 years (that's a long Slack session). ex: 86400

Errors the API can return:

• unknown_method - This method is currently not available.
• unable_to_update_existing_sessions - The session settings could not be applied to users' existing sessions.
• token_revoked - Authentication token is for a deleted user or workspace or the app has been removed when using a user token.
• invalid_arg_name - The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.
• two_factor_setup_required - Two factor setup is required.
• feature_not_enabled - This method is only available for Enterprise organizations.
• invalid_form_data - The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.
• invalid_post_type - The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.
• fatal_error - The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.
• deprecated_endpoint - The endpoint has been deprecated.
• bots_not_allowed - Bot sessions are not listed by this method.
• ratelimited - The rate limit for this endpoint has been reached.
• ekm_access_denied - Administrators have suspended the ability to post a message.
• service_unavailable - The service is temporarily unavailable
• user_not_found - At least one of the requested users doesn't exist.
• team_access_not_granted - The token used is not granted the specific workspace access required to complete this request.
• at_least_one_session_setting_required - At least one session setting is required.
• invalid_arguments - Required arguments either were not provided or contain invalid values.
• invalid_array_arg - The method was passed an array as an argument. Please only input valid strings.
• request_timeout - The method was called via a POST request, but the POST data was either missing or truncated.
• account_inactive - Authentication token is for a deleted user or workspace when using a bot token.
• not_authed - No authentication token provided.
• internal_error - There was an internal error processing this request—please retry.
• enterprise_is_restricted - The method cannot be called from an Enterprise.
• no_permission - The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.
• access_denied - Access to a resource specified in the request is denied.
• team_added_to_org - The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.
• missing_scope - The token used is not granted the specific scope permissions required to complete this request.
• missing_post_type - The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.
• accesslimited - Access to this method is limited on the current network
• not_an_admin - This method is only accessible by Org Owners and Admins
• token_expired - Authentication token has expired
• invalid_charset - The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.
• method_deprecated - The method has been deprecated.
• not_allowed_token_type - The token type used in this request is not allowed.
• org_login_required - The workspace is undergoing an enterprise migration and will not be available until migration is complete.
• invalid_auth - The token doesn't have access to this endpoint.
• admin_unauthorized - The token provided doesn't have permission to revoke a session.