API Stability Long-Term

The sessions() GraphQL query provides paginated search results for tokens.

For information on session management, see the Session management documentation page. You may also want to look at session().

Syntax

Below is the syntax for the sessions() query field:

graphql
sessions(
     searchFilter: string,
     skip: integer,
     limit: integer,
     onlyActiveSessions: boolean,    
     level: Sessions__Filter_Level,
     sortBy: Sessions__SortBy,
     orderBy: OrderBy,
   ): SessionQueryResultSet!

For the input, there are several parameters. Some have default values: skip is 0; limit is 50; and onlyActiveSessions is true. There are defaults for the special datatypes. They're described in the Given Datatypes section below.

The parameters for the return datatype SessionQueryResultSet is listed in the Returned Datatypes section.

Below is an example of how this query field may be used:

Raw
graphql
query{
  sessions(
    searchFilter: "company.com"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query{ ^
  sessions( ^
    searchFilter: \"company.com\" ^
    limit: 10 ^
    skip: 0 ^
    onlyActiveSessions: false  ^
    level: Organization ^
    sortBy: User ^
    orderBy: DESC ^
  ) ^
  {totalResults, results {id, user{username}}} ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "query{
  sessions(
    searchFilter: \"company.com\"
    limit: 10
    skip: 0
    onlyActiveSessions: false 
    level: Organization
    sortBy: User
    orderBy: DESC
  )
  {totalResults, results {id, user{username}}}
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "sessions": {
      "totalResults": 2,
      "results": [
        {
          "id": "hOIfDrvLcC3jNP2RbZS9aYdP2j4ml6la",
          "user": {
            "username": "steve@company.com"
          }
        },
        {
          "id": "3bDFGc6CGGRJ7I203dG3JMg1LKs3cvZ6",
          "user": {
            "username": "bob@company.com"
          }
        }
      ]
    }
  }
}

This example searches for sessions with users who have an email address using company.com. It includes active and inactive sessions. And sorts by users in descending order. For the results, it's requesting the ID and username for each session.

Given Datatypes

The special input datatypes Sessions__Filter_Level, Sessions__SortBy and OrderBy each have some parameters. They're listed in the three tables here:

Table: Sessions__Filter_Level

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 10, 2025
Organization  Long-TermFilter sessions based on organization.
User   Long-TermFilter sessions based on user.

Table: Sessions__SortBy

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 10, 2025
ClientInfo   Long-TermSort sessions by client information.
IPAddress   Long-TermSort sessions by IP address.
LastActivityTime   Long-TermSort sessions by the time last active.
Location   Long-TermSort sessions by location.
LoginTime   Long-TermSort sessions by login time.
User   Long-TermSort sessions by user.

Table: OrderBy

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 10, 2025
ASC  Long-TermOrder results in ascending order (e.g., 0 to 9, A to Z).
DESC   Long-TermOrder results in descending order (e.g., 9 to 0, Z to A).

Returned Datatypes

The returned datatype SessionQueryResultSet has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: SessionQueryResultSet

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 3, 2024
results[Session]yes Long-TermThe paginated results set. See Session.
totalResultsintegeryes Long-TermThe total number of matching results.