Session Revoked (CAEP)
Continuous Access Evaluation Profile event indicating a user session has been terminated (CAEP §3.1). Receiving systems must immediately invalidate the affected session.
Session Revoked (CAEP)
Continuous Access Evaluation Profile event indicating a user session has been terminated (CAEP §3.1). Receiving systems must immediately invalidate the affected session.
Security EventsCAEPContinuous Eval
Sequence Diagram
Click any step for details
Request
Response
Redirect
Internal
Step-by-Step Breakdown
1
Session Revocation Trigger
Identity Provider → Identity Provider
2
Create Session Revoked SET
Identity Provider → Identity Provider
3
Deliver SET to Receivers
Transmitter → All Subscribed Receivers
4
Receiver Validates SET
Receiver (RP) → Receiver (RP)
5
Terminate User Sessions
Receiver (RP) → Session Store
6
Revoke Access Tokens
Receiver (RP) → Token Store
Token Inspector
Specs for this flow
Sections of the protocol that normatively define this flow, plus the security considerations that apply to it.