Manage session lifecycle from external systems
Mosaic supports external session lifecycle control, allowing backend systems within your environment to programmatically terminate or extend user SSO sessions by invoking a journey—without requiring user interaction. This is useful when session management is centralized outside of Mosaic and needs to remain aligned with the session state maintained by Mosaic.
External session control enables backend systems to update session state independently, based on internal logic, monitoring systems, or policy-driven events.
Common use cases include:
- A backend service monitors user activity across applications and initiates a logout when risk is detected.
- A session manager periodically extends session validity to prevent timeouts during long-running operations.
- Centralized session enforcement is required across services that do not directly participate in journey flows.
Mosaic provides the following journey steps to support this integration:
- SSO Session Termination : Ends either a specific session or all sessions associated with a user.
- SSO Session Keep Alive : Extends the validity of a specific session token or all session tokens associated with a user.