Whenever a device is detached, the owner/user of that device should be logged out immediately. Let's take a closer look at some scenarios and how to handle them.
If the devices are offline, but and they get detached, you can simply leave it there. The next time the offline device comes online and gets
attached, the logic will re-run and Rupt will re-evaluate the attached devices.
Rupt automatically handles notifying the devices if they are online. We use realtime APIs to send a notification to the SDK which will redirect the detached device to
redirect_urls.logout_url. You must add this callback with the proper logout url to see the results.
You must add the
redirect_urls.logout_url parameter to the
attach function for realtime detach handling to work properly
Because the device is offline, there is no realtime communication between Rupt's servers and the device. So we cannot notify it immediately. Instead, Rupt's servers send a webhook event of type
device.detached which include the device information and any
metadata that was added to the device on the
If you implement the webhooks, when you receive the event, you should expire the user session, delete their login cookies or expire their bearer token. Because the user will have multiple sessions, you can send an identifier in the
metadata and use that to select which session to logout.
Take a look at the Handle webhook events guide.