Authentication Session Invalidation (added in v2.4)

IdentityServer3 defines the IAuthenticationSessionValidator interface to allow invalidating an existing login session. This can be used to, in essence, ignore a logged in user’s authentication cookie (typically due to some external event such as the user having changed their password since they logged in). The user will be treated as anonymous, which generally means that they must re-authenticate to continue to use IdentityServer.


The interface defines one method: