Managing Your Sessions
Every device you sign in from creates a session, and your profile gives you full visibility and one-click control over all of them — so you can see where your account is logged in and sign out anything you do not recognize.
This guide walks you through reviewing your active sessions and signing them out. For the underlying security model, see Authentication.
Where to Find Your Sessions
Your sessions live in your profile, under the security settings.
- Open the profile menu (top right) and choose Profile.
- Select the Security tab.
- Scroll to the Active Sessions card.
Open in Mirox
Jump straight to your profile: service.mirox.io/#/profile, then open the Security tab.
The list shows only sessions that are still valid — expired ones drop off automatically, sorted with the most recently active first.
Reading the Session List
Each row describes one active sign-in:
| Column | What it tells you |
|---|---|
| Device | The browser and operating system, a recognized API client (for scripts and tools), or Unknown client when the device could not be identified. |
| Location | The approximate city and country, with the country flag. |
| IP Address | The public IP the session is connecting from. |
| Last active | A live Online indicator if the session was used within the last few minutes, otherwise how long ago it was last used. |
| Expires | When the session will end on its own if you do nothing. |
Your current session — the one you are using right now — is highlighted and is the only row without a revoke action, so you can never accidentally sign yourself out of the browser you are working in.
Info
A row labelled Unknown client simply means the connecting software did not identify itself in a way the platform recognizes (common for command-line tools and scripts). It is not, by itself, a sign of compromise — but it is exactly the kind of entry worth checking against your own activity.
Signing Out a Single Session
If you spot a session you do not recognize, or you forgot to sign out on a shared or lost device, end it from here:
- Find the session row.
- Click Revoke.
The session stops working immediately — the next request from that device is rejected and the user is returned to the login screen.
Signing Out Everywhere Else
To sign out of every other device in one step while keeping your current session active:
- Click Revoke All at the top of the Active Sessions card.
- Confirm in the dialog. It tells you how many other sessions will be ended.
Your current session stays signed in; all others are revoked at once. This is the fastest response if you suspect your account has been used somewhere you did not authorize.
Warning
Changing your password also signs out every other session automatically, and completing a password reset signs out all sessions including the current one. If you reset your password, expect to log in again afterwards.
Good Security Hygiene
- Review regularly — glance over your active sessions from time to time, especially the location and last-active columns, to confirm everything is yours.
- Sign out on shared devices — after using a public or shared computer, revoke that session rather than relying on the browser to forget you.
- Act on the unexpected — if a session shows an unfamiliar location or device, revoke it, then change your password and review your audit log for any access to your plants.
- Add a second factor — two-factor authentication means a stolen password alone cannot start a new session.
- Watch your sign-in alerts — the platform emails you when a login arrives from a new device or location; treat an alert you cannot explain the same way you would an unexpected session.
Related Guides
- Authentication — how sign-in, sessions, and remote sign-out work behind the scenes
- Setting Up Two-Factor Authentication — add a second proof of identity so a password alone is not enough
- Audit Log — the immutable record of who accessed your plants and devices
- Permission System — what an identity is allowed to reach once it is signed in