New in version 3.6.

The killAllSessionsByPattern command kills all sessions that match any of the specified patterns:


Killing a session kills any in-progress operations in the session, and closes any open cursors associated with these operations. The killed session may still be listed as a current session, and future operations may use the killed session.

{ killAllSessionsByPattern: [ <pattern>, ... ]  }

The command takes an array of documents that specify the patterns to match:

Pattern Description
{ lsid: { id : <UUID> } } Specify the UUID portion of the session id to kill.
{ uid: <BinData> } Specifies the hash of the owner of the sessions to kill.
{ users: [ { user: <user>, db: <dbname> }, ... ] } Specifies the owners of the sessions to kill. Requires additional privileges. See Access Control.
{ roles: [ { role: <role>, db: <dbname> }, ... ] } Specifies the roles assigned to the owners of the sessions to kill. Requires additional privileges. See Access Control.

Specify an empty array to kill all sessions.

To run killAllSessionsByPattern, use the db.runCommand( { <command> } ) method.

To view existing sessions, see $listSessions operation or $listLocalSessions.

See also


Access Control

If the deployment enforces authentication/authorization, you must have the killAnySession to run the killAllSessionsByPattern command.

For patterns that include users or roles, you must also have privileges that grant impersonate action on the cluster resource.


Users can kill their own sessions even without killAnySession privilege action.


Kill All Sessions

The following operation kills all sessions:

db.runCommand( { killAllSessionsByPattern: [ ] } )

Kill All Sessions for Specific Users

The following operation kills all sessions that have the specified uid and whose owner has the specified role:

db.runCommand( { killAllSessionsByPattern: [
   { "uid" : BinData(0,"oBRA45vMY78p1tv6kChjQPTdYsnCHi/kA/fFMZTIV1o=") },
   { roles: [ { role: "readWrite", db: "test" } ] }
] } )