remove_all_user_sessions
Terminates all active user sessions in a specified realm or the default realm, ensuring users must re-authenticate. Useful for enhancing security or enforcing session resets in Keycloak identity management.
Instructions
Remove all sessions for all users in the realm.
Args:
realm: Target realm (uses default if not specified)
Returns:
Status message
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| realm | No |
Implementation Reference
- src/tools/realm_tools.py:268-282 (handler)The main handler function for the 'remove_all_user_sessions' tool. It uses the KeycloakClient to POST to the '/logout-all' endpoint, which logs out all users in the specified (or default) realm.async def remove_all_user_sessions(realm: Optional[str] = None) -> Dict[str, str]: """ Remove all sessions for all users in the realm. Args: realm: Target realm (uses default if not specified) Returns: Status message """ await client._make_request("POST", "/logout-all", realm=realm) return { "status": "removed", "message": "Sessions for all users removed successfully", }
- src/tools/realm_tools.py:267-267 (registration)The @mcp.tool() decorator registers the 'remove_all_user_sessions' function as an MCP tool.@mcp.tool()