Docs Menu

killAllSessions

On this page

  • Definition
  • Syntax
  • Access Control
  • Behavior
  • Examples
killAllSessions

New in version 3.6.

The killAllSessions command kills all sessions for the specified users. [1]

The command has the following syntax:

db.runCommand( { killAllSessions: [ { user: <user>, db: <dbname> }, ... ] } )

The command takes an array of documents where each document specifies the user and the user's authentication database. Specify an empty array to kill all sessions for all users in the system. [1]

To view existing sessions, see $listSessions operation or $listLocalSessions.

Tip
See also:
[1](1, 2) The killAllSessions operation ignores sessions that have transactions in prepared state. See Behavior for details.

If the deployment enforces authentication/authorization, you must have the killAnySession to run the killAllSessions command.

Note

Users can kill their own sessions even without killAnySession privilege action.

Killing a session kills any in-progress operations in the session and closes any open cursors associated with these operations.

The killed session may still be listed as a current session, and future operations may use the killed session. To view existing sessions, see $listSessions operation or $listLocalSessions.

The killAllSessions operation ignores sessions that have transactions in prepared state. Transactions in prepared state refer to transactions with write operations that span multiple shards whose commit coordinator has completed the "sendingPrepare" action.

The following operation kills all sessions for all users in the system:

db.runCommand( { killAllSessions: [ ] } )

The following operation kills all sessions for the user appReader in the db1 and the user reportWriter in db2 databases:

db.runCommand( { killAllSessions: [
{ user: "appReader", db: "db1" },
{ user: "reportWriter", db: "db2" }
] } )
Give Feedback
© 2021 MongoDB, Inc.

About

  • Careers
  • Legal Notices
  • Privacy Notices
  • Security Information
  • Trust Center
© 2021 MongoDB, Inc.