Multi Session

List and revoke device sessions.

This page documents the current Ruby port behavior. Ruby uses snake_case option names and auth.api method names; HTTP paths and JSON keys keep the upstream wire shape where implemented.

Configure

config/auth.rb

require "better_auth"

auth = BetterAuth.auth(
  secret: ENV.fetch("BETTER_AUTH_SECRET"),
  base_url: ENV.fetch("BETTER_AUTH_URL", "http://localhost:3000"),
  plugins: [
    BetterAuth::Plugins.multi_session(maximum_sessions: 5)
  ]
)

Usage

server.rb

sessions = auth.api.list_device_sessions(
  headers: { "cookie" => request.env["HTTP_COOKIE"] }
)

auth.api.revoke_device_session(
  headers: { "cookie" => request.env["HTTP_COOKIE"] },
  body: { sessionToken: sessions.first["token"] }
)

Routes

Method	Path	Ruby API method
`GET`	`/multi-session/list-device-sessions`	`auth.api.list_device_sessions`
`POST`	`/multi-session/set-active`	`auth.api.set_active_session`
`POST`	`/multi-session/revoke`	`auth.api.revoke_device_session`

Options

Current Ruby options accepted by BetterAuth::Plugins.multi_session:

maximum_sessions

Support Notes

The examples above are based on Ruby plugin source and tests in packages/better_auth.
If an upstream section is not represented here, treat it as not yet documented or not yet supported by the Ruby port until the matching Ruby implementation exists.

Get Started

Concepts

Authentication

Databases

Integrations

Plugins

AI Resources

Reference

Guides

Configure

Usage

Routes

Options

Support Notes

On this page