device-session-management
OfficialSecure device sessions for totems
System Documentation
What problem does it solve?
Devices such as totems need a dedicated session model separate from user sessions to prevent privilege leakage, enable short-lived credentials, and allow reliable revocation and auditing for unattended check-in flows. Mixing device and user sessions increases security risk, complicates expiration and revocation, and makes anomaly detection harder.
Core Features & Use Cases
- Isolated Authentication: Authenticate devices using a secure credential (accessCode) and issue a hashed session token.
- Lifecycle & Validation: Store sessions with expiresAt, validate the session on every request, and enforce expiration checks.
- Binding & Security: Bind sessions to totemId and optionally validate IP and userAgent; support revocation on suspicious activity.
- Use Case: A totem logs in with an accessCode, receives a TotemSession token which is used for check-in operations until it expires or is revoked.
Quick Start
Create a secure device session for totem TOTEM_ID using an accessCode, emit a hashed token stored with an expiresAt value (for example 30 minutes), and validate the token, bound totemId, and requester IP on each check-in request.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: device-session-management Download link: https://github.com/Fivents/one-id/archive/main.zip#device-session-management Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.