Skip to main content

Revoke Access

revoke access

Administrators and Workspace Owners can view/revoke the access of users and access tokens at any time.

This article outlines instructions for user sessions using Wayfinder's Web Interface or CLI.

CLI Instructions

To view or revoke live sessions

  1. List all live sessions in your workspace:

    wf sessions --all

NAME                                                               ROLE               CLUSTER      NAMESPACE                   USER               EXPIRES AT              AGE
namespace.admin.aks-opdar.azure-demo-app-test-env5.name.tahh9dx namespace.admin aks-opdar azure-demo-app-test-env5 name@appvia.io 2023-04-20T17:11:13Z 93m
  1. To revoke access, find the username whose access you want to revoke in the USER column, and then delete the session using the value in the NAME column:

    wf sessions NAME --revoke

    The session name is the assumption policy associated with that user's assumed role session.


Web Interface Instructions

To view or revoke live sessions in Wayfinder's web interface

  1. Select Workspaces > Your-Workspace-Name, then navigate to Settings and select the Live access sessions tab

    This page shows all live sessions on all clouds for your workspace, including:

    • Session name
    • Subject - the username of the user who has access in this session
    • Role - the role this user has assumed
    • Cluster/Namespace - the cluster and namespace being accessed
    • Expires - the amount of time left on this session to access the cluster
    • Session status
  2. To revoke access, find the username whose access you want to revoke, and then click the Revoke access button for that username.


Screenshot(s)

  • View live sessions
View Live Sessions


  • Revoke a live sessions
Revoke Session