Manage session lifecycle from external systems

Mosaic supports external session lifecycle control, allowing backend systems within your environment to programmatically terminate or extend user SSO sessions by invoking a journey—without requiring user interaction. This is useful when session management is centralized outside of Mosaic and needs to remain aligned with the session state maintained by Mosaic.

External session control enables backend systems to update session state independently, based on internal logic, monitoring systems, or policy-driven events.

Common use cases include:

  • A backend service monitors user activity across applications and initiates a logout when risk is detected.
  • A session manager periodically extends session validity to prevent timeouts during long-running operations.
  • Centralized session enforcement is required across services that do not directly participate in journey flows.

Mosaic provides the following journey steps to support this integration: