For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Apply for AccessDashboard
Guides
Guides
  • Get Started
    • Introduction
    • Quickstart
  • Agent Identity
    • Overview
    • Create Auth Intent
    • Exchange for JWT
    • Sessions
    • JWKS
  • Agent Checkout
    • Overview
    • Create an Invoice
    • List Invoices
    • Get Invoice
    • Cancel Invoice
  • Integration Patterns
    • Overview
    • Shared SDK Client
    • Wallet Auth
    • JWT Verification
    • Subscription Checkout
    • Webhook Verification
  • Concepts
    • Two Invoice IDs
    • Wallet Identity
    • Session vs Token
    • Webhook-Driven State
  • Webhooks
    • Overview
    • Verify Signatures
  • Reliability
    • Errors
    • SDK Reference
Apply for AccessDashboard
On this page
  • Get a session
  • Session fields
  • Revoke a session
  • Errors
  • Next step
Agent Identity

Sessions

Get and revoke auth sessions
||View as Markdown|
Was this page helpful?
Edit this page
Previous

Exchange Auth Intent

Next

JWKS

Built with

Get a session

Check the status of an auth session:

1import { Gwop } from "@gwop/sdk";
2
3const gwop = new Gwop({
4  merchantApiKey: process.env.GWOP_MERCHANT_API_KEY,
5});
6
7const { result: session } = await gwop.authSessions.get({
8  sessionId: "sess_abc123",
9});
10
11console.log(session.status);        // "active", "revoked", or "expired"
12console.log(session.sub);           // "base:0x742d..." — wallet identity
13console.log(session.chain);         // "base" or "solana"
14console.log(session.walletAddress); // "0x742d35Cc..."
15console.log(session.createdAt);     // Session creation timestamp
16console.log(session.expiresAt);     // Session expiry
17console.log(session.revokedAt);     // null if active, Date if revoked

Session fields

FieldTypeDescription
sessionIdstringSession identifier
statusstringactive, revoked, or expired
substringWallet identity ({chain}:{address})
chainstringbase or solana
walletAddressstringRaw wallet address
createdAtDateWhen the session was created
expiresAtDateWhen the session expires
revokedAtDate | nullWhen the session was revoked, or null

Revoke a session

Revoke an active session (logout):

1const { result } = await gwop.authSessions.revoke({
2  sessionId: "sess_abc123",
3});

Errors

1import { ErrorCode, isGwopError } from "@gwop/sdk/errors";
2
3try {
4  await gwop.authSessions.get({ sessionId: "sess_invalid" });
5} catch (err) {
6  if (isGwopError(err, ErrorCode.SessionNotFound)) {
7    err.statusCode; // 404
8  }
9}

Next step

JWKS

Verify JWTs locally without calling the API on every request

Auth Overview

Full auth flow, wallet identity, and what auth unlocks