Get all access_token by subject

[so-sdhawan]

Objective: Ability to log out all other active sessions of a user apart from the current (the one from where request was made).
Found DELETE /oauth2/auth/sessions/consent?subject=string which logs out all active sessions, but that doesn't fulfill the requirement.
Can make a POST /oauth2/revoke for each one of active access_tokens if there is a way get all active access_token by subject.
The most relevant API found for that was GET /oauth2/auth/sessions/consent?subject=string, but it seems to always returns access_token: {}
Can someone suggest the correct API, or any other way to approach this problem.

[vinckr]

You want to log out all active sessions or revoke access tokens?

Which of the three cases below is the one you want to delete all active?

• Your Application's Session Manager keeps track of the user within your application. You will use OpenID Connect to initiate and complete the login, but your application needs to store and track and invalidate the session.
• ORY Hydra maintains a session cookie. When a user signs in, the cookie will be set for that user. This allows the next OAuth2 request to complete without requesting the user to sign in again.
• Optionally - If your application connects to a third-party identity provider (e.g. Sign in with Google, GitHub, Facebook, ...) that third party provider also maintains a session of the user.
  https://www.ory.sh/hydra/docs/concepts/before-oauth2/#access-and-refresh-tokens-are-not-sessions

More about the logout flow.

We had a similar issue in the forum a while back: https://community.ory.sh/t/revoking-specific-login-sessions/1445/9.
I quote from hackerman:

Please do not use access tokens as proof of authentication. Revoking an access token is not the same as deleting a user session. It is simply not the same thing. Don’t do it.

What you want is probably revoking access for a specific oauth2 application (think of GitHub 3rd Party Apps or Google 3rd Party Apps etc):

https://www.ory.sh/docs/hydra/sdk/api#lists-all-consent-sessions-of-a-subject 3
https://www.ory.sh/docs/hydra/sdk/api#revokes-consent-sessions-of-a-subject-for-a-specific-oauth-20-client 11

Again, this has absolutely nothing to do with login.