Navigation

killAllSessions

Definition

killAllSessions

New in version 3.6.

The killAllSessions command kills all sessions for the specified users.

Syntax

The command has the following syntax:

db.runCommand( { killAllSessions: [ { user: <user>, db: <dbname> }, ... ]  } )

The command takes an array of documents where each document specifies the user and the user’s authentication database. Specify an empty array to kill all sessions for all users in the system.

To view existing sessions, see $listSessions operation or $listLocalSessions.

Access Control

If the deployment enforces authentication/authorization, you must have the killAnySession to run the killAllSessions command.

Note

Users can kill their own sessions even without killAnySession privilege action.

Behavior

In-progress Operations

Killing a session kills any in-progress operations in the session and closes any open cursors associated with these operations.

Killed Session Availability

The killed session may still be listed as a current session, and future operations may use the killed session. To view existing sessions, see $listSessions operation or $listLocalSessions.

Examples

Kill All Sessions

The following operation kills all sessions for all users in the system:

db.runCommand( { killAllSessions: [ ] } )

Kill All Sessions for Specific Users

The following operation kills all sessions for the user appReader in the db1 and the user reportWriter in db2 databases:

db.runCommand( { killAllSessions: [
   { user: "appReader", db: "db1" },
   { user: "reportWriter", db: "db2" }
] } )