auth0
diff --git a/‎src/API/Management.php
+12-2 b/‎src/API/Management.php
+12-2
diff --git a/‎src/API/Management/RefreshTokens.php
+50 b/‎src/API/Management/RefreshTokens.php
+50
diff --git a/‎src/API/Management/Sessions.php
+50 b/‎src/API/Management/Sessions.php
+50
diff --git a/‎src/API/Management/Users.php
+64 b/‎src/API/Management/Users.php
+64
diff --git a/‎src/Contract/API/Management/RefreshTokensInterface.php
+46 b/‎src/Contract/API/Management/RefreshTokensInterface.php
+46
diff --git a/‎src/Contract/API/Management/SessionsInterface.php
+46 b/‎src/Contract/API/Management/SessionsInterface.php
+46
@@ -4,9 +4,9 @@
 
 namespace Auth0\SDK\API;
 
-use Auth0\SDK\API\Management\{Actions, AttackProtection, Blacklists, ClientGrants, Clients, Connections, DeviceCredentials, EmailTemplates, Emails, Grants, Guardian, Jobs, Keys, LogStreams, Logs, Organizations, ResourceServers, Roles, Rules, Stats, Tenants, Tickets, UserBlocks, Users, UsersByEmail};
+use Auth0\SDK\API\Management\{Actions, AttackProtection, Blacklists, ClientGrants, Clients, Connections, DeviceCredentials, EmailTemplates, Emails, Grants, Guardian, Jobs, Keys, LogStreams, Logs, Organizations, RefreshTokens, ResourceServers, Roles, Rules, Sessions, Stats, Tenants, Tickets, UserBlocks, Users, UsersByEmail};
 use Auth0\SDK\Configuration\SdkConfiguration;
-use Auth0\SDK\Contract\API\Management\{ActionsInterface, AttackProtectionInterface, BlacklistsInterface, ClientGrantsInterface, ClientsInterface, ConnectionsInterface, DeviceCredentialsInterface, EmailTemplatesInterface, EmailsInterface, GrantsInterface, GuardianInterface, JobsInterface, KeysInterface, LogStreamsInterface, LogsInterface, OrganizationsInterface, ResourceServersInterface, RolesInterface, RulesInterface, StatsInterface, TenantsInterface, TicketsInterface, UserBlocksInterface, UsersByEmailInterface, UsersInterface};
+use Auth0\SDK\Contract\API\Management\{ActionsInterface, AttackProtectionInterface, BlacklistsInterface, ClientGrantsInterface, ClientsInterface, ConnectionsInterface, DeviceCredentialsInterface, EmailTemplatesInterface, EmailsInterface, GrantsInterface, GuardianInterface, JobsInterface, KeysInterface, LogStreamsInterface, LogsInterface, OrganizationsInterface, RefreshTokensInterface, ResourceServersInterface, RolesInterface, RulesInterface, SessionsInterface, StatsInterface, TenantsInterface, TicketsInterface, UserBlocksInterface, UsersByEmailInterface, UsersInterface};
 use Auth0\SDK\Contract\API\{AuthenticationInterface, ManagementInterface};
 use Auth0\SDK\Utility\{HttpClient, HttpResponse, HttpResponsePaginator};
 use Psr\Cache\CacheItemPoolInterface;
@@ -202,6 +202,11 @@ public function organizations(): OrganizationsInterface
         return Organizations::instance($this->getHttpClient());
     }
 
+    public function refreshTokens(): RefreshTokensInterface
+    {
+        return RefreshTokens::instance($this->getHttpClient());
+    }
+
     public function resourceServers(): ResourceServersInterface
     {
         return ResourceServers::instance($this->getHttpClient());
@@ -217,6 +222,11 @@ public function rules(): RulesInterface
         return Rules::instance($this->getHttpClient());
     }
 
+    public function sessions(): SessionsInterface
+    {
+        return Sessions::instance($this->getHttpClient());
+    }
+
     public function stats(): StatsInterface
     {
         return Stats::instance($this->getHttpClient());
 
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\API\Management;
+
+use Auth0\SDK\Contract\API\Management\RefreshTokensInterface;
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Auth0\SDK\Utility\Toolkit;
+use Psr\Http\Message\ResponseInterface;
+
+/**
+ * Handles requests to the Refresh Tokens endpoint of the v2 Management API.
+ *
+ * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens
+ */
+final class RefreshTokens extends ManagementEndpoint implements RefreshTokensInterface
+{
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['refresh-tokens', $id])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['refresh-tokens', $id])
+            ->withOptions($options)
+            ->call();
+    }
+}
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\API\Management;
+
+use Auth0\SDK\Contract\API\Management\SessionsInterface;
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Auth0\SDK\Utility\Toolkit;
+use Psr\Http\Message\ResponseInterface;
+
+/**
+ * Handles requests to the Sessions endpoint of the v2 Management API.
+ *
+ * @see https://auth0.com/docs/api/management/v2/Sessions
+ */
+final class Sessions extends ManagementEndpoint implements SessionsInterface
+{
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['sessions', $id])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['sessions', $id])
+            ->withOptions($options)
+            ->call();
+    }
+}
@@ -221,6 +221,38 @@ public function deleteMultifactorProvider(
             ->call();
     }
 
+    public function deleteRefreshTokens(
+        string $user,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$user] = Toolkit::filter([$user])->string()->trim();
+
+        Toolkit::assert([
+            [$user, \Auth0\SDK\Exception\ArgumentException::missing('user')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['users', $user, 'refresh-tokens'])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function deleteSessions(
+        string $user,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$user] = Toolkit::filter([$user])->string()->trim();
+
+        Toolkit::assert([
+            [$user, \Auth0\SDK\Exception\ArgumentException::missing('user')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['users', $user, 'sessions'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function get(
         string $id,
         ?RequestOptions $options = null,
@@ -351,6 +383,22 @@ public function getPermissions(
             ->call();
     }
 
+    public function getRefreshTokens(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['users', $id, 'refresh-tokens'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function getRoles(
         string $id,
         ?RequestOptions $options = null,
@@ -367,6 +415,22 @@ public function getRoles(
             ->call();
     }
 
+    public function getSessions(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['users', $id, 'sessions'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function invalidateBrowsers(
         string $id,
         ?RequestOptions $options = null,
 
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\Contract\API\Management;
+
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Psr\Http\Message\ResponseInterface;
+
+interface RefreshTokensInterface
+{
+    /**
+     * Delete a Refresh Token by ID.
+     * Required scope: `delete:refresh_tokens`.
+     *
+     * @param string              $id      ID of the refresh token to delete.
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens/delete_refresh_token
+     */
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Retrieve Refresh Token information
+     * Required scopes:
+     * - `read:refresh_tokens` for any call to this endpoint.
+     *
+     * @param string              $id      ID of refresh token to retrieve
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens/get_refresh_token
+     */
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+}
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\Contract\API\Management;
+
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Psr\Http\Message\ResponseInterface;
+
+interface SessionsInterface
+{
+    /**
+     * Delete a Session by ID.
+     * Required scope: `delete:sessions`.
+     *
+     * @param string              $id      ID of the session to delete.
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Sessions/delete_session
+     */
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Retrieve Session information
+     * Required scopes:
+     * - `read:sessions` for any call to this endpoint.
+     *
+     * @param string              $id      ID of session to retrieve
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Sessions/get_session
+     */
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+}