The Session Expiration Monitoring and User Alert API enables client applications, such as Entitlement Service or User Console, to monitor the remaining time of an active Privileged Remote Access (PRA) session and proactively alert users before the session expires.
This API is designed to prevent unexpected session termination due to entitlement duration limits, policy‑based timeouts, or administrative actions. By exposing session expiration data and near‑expiration events, integrated systems can provide timely, user‑friendly warnings and reduce disruption during active sessions.
This API provides visibility and notification only. It does not modify session termination behavior, extend sessions, or override security policies.
This standardized API and event mechanism enables integrated systems to:
- Retrieve the remaining time for an active PRA session.
- Subscribe to session lifecycle and expiration events.
- Configure warning thresholds to alert users before session termination.
- Ensure session expiration is predictable, visible, and manageable for both users and administrators.
The default alert occurs five (5) minutes before expiration.
Endpoint
This returns a list of active Jump Approval sessions for the specified user, including computed fields for expiration tracking.
GET /api/config/v1/jump-approval/session-status/USER_IDPath Parameter
| Parameter | Type | Required | Description |
|---|---|---|---|
| user_id | integer | Yes | The ID of the user whose active sessions to retrieve |
Response Behavior
| Scenario | Status | Body |
|---|---|---|
| User has no active sessions | 200 OK | Empty array [ ] |
| User has approved or in-progress sessions | 200 OK | Array of session objects |
| User does not exist or invalid input | 422 Unprocessable Entity | Validation error details |
| Called on a Remote Support (non-PRA) appliance | 404 Not Found |
Session Object Schema
| Field | Type | Description |
|---|---|---|
| id | integer | Unique session identifier |
| state | string | "approved" or "in_use" |
| jump_item_id | integer | ID of the associated jump item |
| jump_item_type | string | Type of jump item (e.g., "web_jump") |
| jump_policy_id | integer | ID of the governing jump policy |
| created_by_user_id | integer | ID of the user who created the request |
| start_timestamp | integer | Unix timestamp when the session started |
| duration | integer | Approved session duration in seconds |
| end_timestamp | integer | Equals start_timestamp + duration |
| time_remaining_seconds | integer | Seconds remaining; ≥ 0 |
| expired | boolean | Whether the session has expired |
Example response:
[
{
"id": 5,
"state": "approved",
"jump_item_id": 8,
"jump_item_type": "jump_client",
"jump_policy_id": 2,
"created_by_user_id": 23,
"start_timestamp": 1771969289,
"duration": 300,
"end_timestamp": 1771969589,
"time_remaining_seconds": 283,
"expired": false
}
]Entitlement Integration Example
- The Entitlement Service subscribes to the session lifecycle event stream or polls the expiration endpoint.
- When the "expiring soon" event is received, the service surfaces a banner or modal in the active session UI.
- The user is notified with a clear, actionable message:
"Your session will expire in 5 minutes. Please save your work or request an extension if applicable."
This approach enables entitlement‑aware systems to handle expiration events smoothly without compromising security.
