cURL

curl --request GET \
  --url https://api.lightspark.com/grid/2025-10-13/auth/sessions \
  --header 'Authorization: Basic <encoded-value>'

{
  "data": [
    {
      "id": "Session:019542f5-b3e7-1d02-0000-000000000003",
      "accountId": "InternalAccount:019542f5-b3e7-1d02-0000-000000000002",
      "type": "OAUTH",
      "nickname": "example@lightspark.com",
      "createdAt": "2026-04-08T15:30:01Z",
      "updatedAt": "2026-04-08T15:35:00Z",
      "expiresAt": "2026-04-09T15:30:01Z",
      "encryptedSessionSigningKey": "w99a5xV6A75TfoAUkZn869fVyDYvgVsKrawMALZXmrauZd8hEv66EkPU1Z42CUaHESQjcA5bqd8dynTGBMLWB9ewtXWPEVbZvocB4Tw2K1vQVp7uwjf"
    }
  ]
}

Embedded Wallet Auth

List active sessions

Retrieve all active authentication sessions on an Embedded Wallet internal account. A session is created each time a credential is verified via POST /auth/credentials/{id}/verify, and remains active until its expiresAt passes or it is revoked via DELETE /auth/sessions/{id}.

The response is not paginated: an internal account is expected to have a small, bounded number of concurrent sessions (one per signed-in device, typically 1–4), so all results are returned inline.

GET

auth

sessions

cURL

curl --request GET \
  --url https://api.lightspark.com/grid/2025-10-13/auth/sessions \
  --header 'Authorization: Basic <encoded-value>'

{
  "data": [
    {
      "id": "Session:019542f5-b3e7-1d02-0000-000000000003",
      "accountId": "InternalAccount:019542f5-b3e7-1d02-0000-000000000002",
      "type": "OAUTH",
      "nickname": "example@lightspark.com",
      "createdAt": "2026-04-08T15:30:01Z",
      "updatedAt": "2026-04-08T15:35:00Z",
      "expiresAt": "2026-04-09T15:30:01Z",
      "encryptedSessionSigningKey": "w99a5xV6A75TfoAUkZn869fVyDYvgVsKrawMALZXmrauZd8hEv66EkPU1Z42CUaHESQjcA5bqd8dynTGBMLWB9ewtXWPEVbZvocB4Tw2K1vQVp7uwjf"
    }
  ]
}

Authorizations

Authorization

string

header

required

API token authentication using format <api token id>:<api client secret>

Query Parameters

accountId

string

required

Internal account id whose sessions to list.

Response

Active authentication sessions on the internal account. Returns an empty data array when the internal account has no active sessions or when accountId does not match any internal account visible to the caller.

data

Authentication Session · object[]

required

List of active authentication sessions for the internal account.

Show child attributes

Re-issue an authentication credential challenge

Revoke an authentication session

⌘I

Using the API

API documentation

List active sessions

Authorizations

Query Parameters

Response