FSMaxB FSMaxB - 7 months ago 103
C# Question

How to sign out a user in ASP.NET Core Identity

I am trying to log out all active sessions of a user that I am changing (deleting, adding or removing roles, changing the password etc.).

I found solutions for old versions of ASP .NET. Essentially calling

but this doesn't seem to work with ASP .NET Core. I can call the function, but it just does nothing. The user is still logged in after that.

So how on earth can I log out a logged in user (all open sessions)?

tmg tmg

There is a property of IdentityOptions called SecurityStampValidationInterval, which sets how often the cookie is validated. Its set to 30 minutes by default. You can change that:

services.Configure<IdentityOptions>(options =>
     options.SecurityStampValidationInterval = TimeSpan.FromSeconds(0);