Merge pull request #314018 from craigshoemaker/aca/sessions-api-updates

[Container Apps] Document Sessions Management API: get/list endpoints, error codes

Author: prmerger-automator[bot]

articles/container-apps/session-pool.md

@@ -5,7 +5,7 @@ services: container-apps
 author: craigshoemaker
 ms.service: azure-container-apps
 ms.topic: how-to
-ms.date: 04/07/2025
+ms.date: 03/31/2026
 ms.author: cshoe
 ---
 
@@ -97,7 +97,7 @@ With the `Timed` lifecycle, a session is deleted after a period of inactivity. A
 
 All requests to the pool management endpoint must include an `Authorization` header with a bearer token. To learn how to authenticate with the pool management API, see [Authentication](sessions-usage.md#authentication).
 
-Each API request must also include the query string parameter `identifier` with the session ID. This unique session ID enables your application to interact with specific sessions. To learn more about session identifiers, see [Session identifiers](./sessions-usage.md#identifiers).
+Most API requests also require the query string parameter `identifier` with the session ID. This unique session ID enables your application to interact with specific sessions. Pool-wide operations like listing sessions don't require an identifier. To learn more about session identifiers, see [Session identifiers](./sessions-usage.md#identifiers).
 
 ## Image caching
 
@@ -183,11 +183,15 @@ The following endpoints are available for managing sessions in a pool:
 | `files/upload` | `POST` | Upload a file to a session. |
 | `files/content/{filename}` | `GET` | Download a file from a session. |
 | `files` | `GET` | List the files in a session. |
+| `.management/getSession` | `POST` | Get details about a specific session. |
+| `.management/listSessions` | `POST` | List all sessions in the pool with pagination. |
 
 You build the full URL for each endpoint by concatenating the pool's management API endpoint with the endpoint path. The query string must include an `identifier` parameter containing the session identifier, and an `api-version` parameter with the value `2024-02-02-preview`. API versions can change, so always confirm the latest version in the REST API docs before using it in production.
 
 For example: `{sessionManagementEndpoint}/code/execute?api-version=2024-02-02-preview&identifier=<IDENTIFIER>`
 
+For the `getSession` and `listSessions` endpoints, see [Retrieve session information](./sessions-usage.md#retrieve-session-information) for request and response details.
+
 For REST API references, see [Container Apps data-plane APIs](/rest/api/containerapps/#data-plane-apis) and the [Container Apps data-plane operations overview](/rest/api/data-plane/containerapps/operation-groups).
 
 ## Custom container session pool
@@ -204,6 +208,16 @@ For custom container session pools, get the management endpoint from the Azure p
 
 The endpoint is in the format `https://<SESSION_POOL_NAME>.<ENVIRONMENT_ID>.<REGION>.azurecontainerapps.io`. 
 
+Custom container pools support the same management endpoints as code interpreter pools, plus custom application endpoints you define:
+
+| Endpoint path | Method | Description |
+|----------|--------|-------------|
+| `*` (custom paths) | `POST`, `GET` | Custom endpoints defined by your container application. |
+| `.management/getSession` | `POST` | Get details about a specific session. |
+| `.management/listSessions` | `POST` | List all sessions in the pool with pagination. |
+
+For the `getSession` and `listSessions` endpoints, see [Retrieve session information](./sessions-usage.md#retrieve-session-information) for request and response details.
+
 #### OnContainerExit
 
 With the `OnContainerExit` lifecycle, a session remains active until the container exits on its own or the maximum alive period is reached.

articles/container-apps/sessions-usage.md

@@ -5,7 +5,7 @@ services: container-apps
 author: craigshoemaker
 ms.service: azure-container-apps
 ms.topic: how-to
-ms.date: 05/19/2025
+ms.date: 03/31/2026
 ms.author: cshoe
 ms.custom: references_regions, ignite-2024
 ---
@@ -77,10 +77,145 @@ The session identifier is a string you define that is unique within the session
 
 The identifier must be a string that is 4 to 128 characters long and can contain only alphanumeric characters and special characters from this list: `|`, `-`, `&`, `^`, `%`, `$`, `#`, `(`, `)`, `{`, `}`, `[`, `]`, `;`, `<`, and `>`.
 
+## Retrieve session information
+
+You can query your session pool to check session status, get expiration details, and list all active sessions. This capability is useful for monitoring session health, tracking resource usage, and implementing custom cleanup workflows.
+
+### Get a single session
+
+To retrieve details about a specific session, use the `getSession` endpoint:
+
+```text
+POST https://<SESSION_POOL_NAME>.<ENVIRONMENT_ID>.<REGION>.azurecontainerapps.io/.management/getSession?identifier=<SESSION_ID>&api-version=2024-02-02-preview
+Authorization: Bearer <TOKEN>
+```
+
+The `getSession` endpoint returns session metadata including the session identifier, current expiration time, and creation timestamp.
+
+#### SessionView response schema
+
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `identifier` | string | Yes | The session identifier you provided |
+| `etag` | string | Yes | Opaque version identifier for the session. You can use this identifier for change detection. |
+| `expiresAt` | DateTime | Yes | UTC timestamp when the session will be terminated |
+| `createdAt` | DateTime | No | Session creation timestamp |
+| `lastAccessedAt` | DateTime | No | Timestamp of the last request to this session |
+
+#### Example request and response
+
+```bash
+curl -X POST "https://my-pool.env-id.westus2.azurecontainerapps.io/.management/getSession?identifier=user-123&api-version=2024-02-02-preview" \
+  -H "Authorization: Bearer $TOKEN"
+```
+
+Success response (HTTP 200):
+
+```json
+{
+  "identifier": "user-123",
+  "etag": "a1b2c3d4",
+  "expiresAt": "2026-04-30T14:30:00Z",
+  "createdAt": "2026-04-30T13:30:00Z",
+  "lastAccessedAt": "2026-04-30T14:29:00Z"
+}
+```
+
+### List all sessions in a pool
+
+To retrieve a list of all sessions in your session pool, use the `listSessions` endpoint:
+
+```text
+POST https://<SESSION_POOL_NAME>.<ENVIRONMENT_ID>.<REGION>.azurecontainerapps.io/.management/listSessions?skip=0&api-version=2024-02-02-preview
+Authorization: Bearer <TOKEN>
+```
+
+#### Pagination
+
+The list endpoint supports skip-based pagination. By default, each page returns up to 300 sessions. Use the `skip` query parameter to navigate through results.
+
+| Parameter | Description |
+|-----------|-------------|
+| `skip` | Number of sessions to skip from the beginning (default: 0) |
+| `nextLink` | Full URL for the next page of results (included in response when more results exist) |
+
+#### ApiCollectionEnvelope response schema
+
+| Field | Type | Description |
+|-------|------|-------------|
+| `value` | SessionView[] | Array of session objects |
+| `count` | integer | Number of sessions in the current page |
+| `nextLink` | string | URL for the next page (null if no more results) |
+
+#### Example pagination loop
+
+```bash
+POOL_URL="https://my-pool.env-id.westus2.azurecontainerapps.io"
+next_url="$POOL_URL/.management/listSessions?skip=0&api-version=2024-02-02-preview"
+
+while [ -n "$next_url" ]; do
+  response=$(curl -s -X POST "$next_url" \
+    -H "Authorization: Bearer $TOKEN")
+
+  echo "$response" | jq '.value[] | {identifier, expiresAt}'
+
+  next_url=$(echo "$response" | jq -r '.nextLink // empty')
+done
+```
+
+Example response (HTTP 200):
+
+```json
+{
+  "value": [
+    {
+      "identifier": "user-123",
+      "etag": "a1b2c3d4",
+      "expiresAt": "2026-04-30T14:30:00Z"
+    },
+    {
+      "identifier": "user-456",
+      "etag": "e5f6a7b8",
+      "expiresAt": "2026-04-30T14:31:00Z"
+    }
+  ],
+  "count": 2,
+  "nextLink": "https://my-pool.env-id.westus2.azurecontainerapps.io/.management/listSessions?skip=300"
+}
+```
+
+## Error responses
+
+When an error occurs, the API returns a structured error response with details to help you diagnose the issue.
+
+```json
+{
+  "error": {
+    "code": "ErrorCode",
+    "message": "Human-readable error description",
+    "details": "Optional additional context",
+    "target": "Field or parameter that caused the error",
+    "traceId": "Request trace ID for debugging"
+  }
+}
+```
+
+### Common error codes
+
+| Error Code | HTTP status | Description | Resolution |
+|------------|-------------|-------------|-----------|
+| `SessionWithIdentifierNotFound` | 400 | The session identifier doesn't exist in this session pool | Verify the session identifier is correct and the session hasn't expired |
+| `SessionRequestValidationFailed` | 400 | The request is missing required fields or has invalid parameters | Check the query parameters (identifier, skip, api-version) are properly formatted |
+| `SessionRequestNotSupported` | 400 | The request type isn't recognized by the API | Verify you're using a supported endpoint and method |
+| `InternalServerError` | 500 | An unexpected server-side error occurred | Retry the request; if the error persists, check the traceId in logs |
+
 ## Session lifecycle in practice
 
 As you continue to make calls to the same session, the session remains [allocated](sessions.md#key-concepts) in the pool. Once there are no requests to the session after the cooldown period has elapsed, the session is automatically destroyed.
 
+> [!NOTE]
+> In rare cases, when a session's background TTL-extension request fails (for example, if the container exits unexpectedly), the session is automatically removed from the pool. You'll see a "session not found" error on your next request to that session. This cleanup is automatic and requires no action on your part.
+
 ## Security
 
 ### Security model

articles/container-apps/sessions.md

@@ -5,7 +5,7 @@ services: container-apps
 author: craigshoemaker
 ms.service: azure-container-apps
 ms.topic: concept-article
-ms.date: 04/07/2025
+ms.date: 03/31/2026
 ms.author: cshoe
 ms.custom: references_regions, ignite-2024
 ---
@@ -41,7 +41,7 @@ Dynamic sessions are useful in a variety of situations, including:
 
 - **Session**: A session is the actual execution environment where your code or container runs. Sessions are ephemeral and isolated, designed for short-lived tasks. When you create a session, it's allocated from the session pool, ensuring fast startup. After the task completes or the cooldown period expires, the session is destroyed and resources are cleaned up.  
 
-- **Session lifecycle**: When your application sends a request with a session identifier, the session pool allocates a session automatically. The session stays active as long as requests continue. Once the cooldown period expires with no activity, the session is destroyed and its resources are cleaned up automatically.
+- **Session lifecycle**: When your application sends a request with a session identifier, the session pool allocates a session automatically. The session stays active as long as requests continue. Once the cooldown period expires with no activity, the session is destroyed and its resources are cleaned up automatically. You can also programmatically query session status and list all sessions in your pool to monitor health and implement custom management workflows.
 
 - **Request routing and identifiers**: Sessions are accessed through the session pool management endpoint. Requests include an `identifier` query parameter, and the pool routes the request to an existing session or allocates a new one if needed. The request path after the management endpoint is forwarded to the session container.
 
@@ -96,7 +96,5 @@ Dynamic sessions are designed to run untrusted code in isolated environments. Fo
 Custom container sessions are billed based on the resources consumed by the session pool. For more information, see [Azure Container Apps billing](./billing.md#dynamic-sessions).
 
 
-## Next steps
-- Learn how to configure [session pools](./session-pool.md) 
-- Learn how to use [dynamic sessions](./sessions-usage.md), including security and best practices
-
+## Related content
+- Learn how to configure [session pools](./session-pool.md)