Get Sessions Config

GET/web/v1/users/self/security/sessions/config JWT

Retrieves the authenticated user's session configuration including SSO status, session limits, and last login information.

Required Headers

Header	Example Value	Description
Content-Type	application/json	Request content type
Accept	application/json	Expected response type
X-Client-Hash		Client device fingerprint
Accept-Language	`en`, `zh`, `zh-Hant`, `ja`, `vi`	Response language (default: `en`)
Authorization	Bearer	JWT access token
X-SC-Session-Id		Secure channel session ID

Request Parameters

No request parameters required.

Success Response

Success 200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "accountBizId": "acc_abc123",
    "ssoEnabled": false,
    "maxSessions": 10,
    "passwordChangedAt": "2026-03-23T10:00:00Z",
    "lastLoginAt": "2026-03-23T12:00:00Z",
    "lastLoginIp": "1.2.3.4"
  }
}

Error Responses

Unauthorized 401

{
  "success": false,
  "code": "4010",
  "message": "Invalid or expired token"
}

Notes

Replaces the old GET /security/config endpoint.
mfaEnabled field is removed — MFA status is now derived from GET /security/mfa method list.
ipWhitelistEnabled field is removed — IP whitelist status is controlled via dedicated /ip-whitelist/enable and /ip-whitelist/disable endpoints.

Get Sessions Config ​

Required Headers ​

Request Parameters ​

Success Response ​

Error Responses ​