akeylesslabs · harrison-akeyless · Jun 15, 2026 · Jun 15, 2026 · Jun 15, 2026 · Jun 15, 2026
diff --git a/... Remote Access/sra-admin-guides/sra-session-management/sra-sessions-overview.md b/... Remote Access/sra-admin-guides/sra-session-management/sra-sessions-overview.md
@@ -18,15 +18,17 @@ For CLI-driven monitoring and automation, use `list-sra-sessions` to query the s
 
 The Session Overview page displays detailed information for each session. The following key details are provided:
 
-* **Client Interface**: Indicates how the session was initiated. Options include: Web Portal - CLI, Web Portal - Web, CLI and Desktop Application)
+* **Client Interface**: Indicates how the session was initiated. Options include Portal CLI, Portal Web, and CLI.
 * **User**: The username of the individual who initiated the session.
 * **Gateway Name**: The name of the gateway through which the session is managed.
-* **Resource Type**: The type of resource accessed during the session. Examples include: SSH, RDP, Databases, Kubernetes (K8s) and more.
+* **Resource Type**: The type of resource accessed during the session. Examples include: SSH, RDP, databases, Kubernetes (K8s), and more.
 * **Secret Name**: The identifier for the secret used during the session.
 * **Session ID**: The unique Secure Remote Access session identifier.
 * **Status**: The current state of the session (For example, active, closed, or terminated).
 * **Duration**: The length of time the session has been active.
 
+For Secure Remote Access sessions, the same session ID is used in Session Overview and Audit Log entries.
+
 ## Real-Time Updates
 
 * **Auto-Refresh**: The sessions list automatically updates every 20 seconds to ensure the displayed information is current.
@@ -71,6 +73,8 @@ For API details, see [List SRA Sessions](https://docs.akeyless.io/reference/list
 
 Every session update is captured in the Audit Log, including the Secure Remote Access Session ID. This ensures that any changes (such as status updates or modifications) are recorded for compliance and troubleshooting purposes.
 
+For Secure Remote Access session events, user identity is recorded in `sra_unique_identifier`.
+
 ## Permissions
 
 * **Self-Session Visibility**: Any user who initiates a session is permitted to view their own session details (there is no need to specify any permission for that).

diff --git a/...ess/sra-admin-guides/sra-session-management/sra-web-access-session-recording.md b/...ess/sra-admin-guides/sra-session-management/sra-web-access-session-recording.md
@@ -31,6 +31,30 @@ This feature is configured with deployment-time defaults in the Zero Trust Web A
 
 For ongoing Secure Remote Access session behavior, manage web and SSH settings through the Akeyless API by using the CLI or Console UI.
 
+## Session Correlation
+
+ZTWA recordings use the same Secure Remote Access session identifier that appears in Session Overview and Audit Log entries.
+
+For supported ZTWA versions, this identifier is a 24-digit numeric session ID.
+
+To correlate a recording to a user account:
+
+1. Get the session ID from the recording object key or filename.
+2. Find the same session ID in Session Overview.
+3. Review the associated Audit Log events for that session ID.
+
+In audit events, the end user identity appears as `sra_unique_identifier`.
+
+### Prerequisites For Session Visibility
+
+If browser sessions run but Session Overview and Audit Log entries are missing, verify the following deployment settings:
+
+* Use a ZTWA version that includes session reporting (`v2.0.0-rc6` or later).
+* Ensure `clusterName` exactly matches the connected Akeyless Gateway cluster name.
+* Authenticate ZTWA by using the same Access ID that the Gateway is registered with.
+* If the Gateway certificate is private or self-signed, provide trust material to ZTWA.
+* Ensure the Gateway is running and registered in the same Akeyless account.
+
 ## Configuration Surfaces
 
 Use these surfaces:
@@ -97,6 +121,7 @@ Use overrides only when service-specific behavior must differ from the shared `s
 6. Optionally tune watchdog values for long-running workloads.
 7. Deploy or upgrade the chart.
 8. Start a ZTWA browser session and verify the recording artifact in the configured storage destination.
+9. Validate correlation by matching the session ID across the recording, Session Overview, and Audit Log.
 
 ## Related Pages
 

diff --git a/docs/Secure Remote Access/sra-setup/sra-web-access-on-k8s/index.md b/docs/Secure Remote Access/sra-setup/sra-web-access-on-k8s/index.md
@@ -259,6 +259,20 @@ sessionRecording:
 
 When enabled, the worker captures the browser session and the dispatcher prepares the upload artifact and uploads it to S3 or S3-compatible storage.
 
+For supported ZTWA versions, recordings, Session Overview entries, and Audit Log events share the same Secure Remote Access session identifier.
+
+#### Session visibility prerequisites
+
+If browser sessions work but Session Overview and Audit Log entries do not appear, the deployment must meet the following requirements for audit logs and session recording correlation:
+
+* Use a ZTWA version that includes session reporting (`v2.0.0-rc6` or later).
+* Ensure `clusterName` exactly matches the connected Akeyless Gateway cluster name.
+* Authenticate ZTWA by using the same Access ID that the Gateway is registered with.
+* If the Gateway certificate is private or self-signed, provide trust material to ZTWA.
+* Ensure the Gateway is running and registered in the same Akeyless account.
+
+The same cluster name and Gateway Access ID are required to correlate audit logs and session recordings.
+
 #### Recording quality
 
 Set `sessionRecording.quality` to one of: