diff --git a/app/code/core/Mage/Api/Model/Cron.php b/app/code/core/Mage/Api/Model/Cron.php
new file mode 100644
index 00000000000..c04eef9e90a
--- /dev/null
+++ b/app/code/core/Mage/Api/Model/Cron.php
@@ -0,0 +1,28 @@
+<?php
+/**
+ * OpenMage
+ *
+ * This source file is subject to the Open Software License (OSL 3.0)
+ * that is bundled with this package in the file LICENSE.txt.
+ * It is also available at https://opensource.org/license/osl-3-0-php
+ *
+ * @category   Mage
+ * @package    Mage_Api
+ * @copyright  Copyright (c) 2023 The OpenMage Contributors (https://www.openmage.org)
+ * @license    https://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+
+class Mage_Api_Model_Cron
+{
+    /**
+     * Clean session table
+     *
+     * @param Mage_Cron_Model_Schedule $schedule
+     * @return $this
+     */
+    public function cleanOldSessions($schedule)
+    {
+        Mage::getResourceSingleton('api/user')->cleanOldSessions(null);
+        return $this;
+    }
+}
diff --git a/app/code/core/Mage/Api/Model/Resource/User.php b/app/code/core/Mage/Api/Model/Resource/User.php
index e5c4c2e4896..e7dbd1bb088 100644
--- a/app/code/core/Mage/Api/Model/Resource/User.php
+++ b/app/code/core/Mage/Api/Model/Resource/User.php
@@ -101,22 +101,28 @@ public function recordSession(Mage_Api_Model_User $user)
     /**
      * Clean old session
      *
-     * @param Mage_Api_Model_User $user
+     * @param Mage_Api_Model_User|null $user
      * @return $this
      */
-    public function cleanOldSessions(Mage_Api_Model_User $user)
+    public function cleanOldSessions(?Mage_Api_Model_User $user)
     {
         $readAdapter    = $this->_getReadAdapter();
         $writeAdapter   = $this->_getWriteAdapter();
         $timeout        = Mage::getStoreConfig('api/config/session_timeout');
-        $timeSubtract     = $readAdapter->getDateAddSql(
+        $timeSubtract   = $readAdapter->getDateAddSql(
             'logdate',
             $timeout,
             Varien_Db_Adapter_Interface::INTERVAL_SECOND
         );
+        $where = [
+            $readAdapter->quote(Varien_Date::now()) . ' > '. $timeSubtract
+        ];
+        if ($user) {
+            $where['user_id = ?'] = $user->getId();
+        }
         $writeAdapter->delete(
             $this->getTable('api/session'),
-            ['user_id = ?' => $user->getId(), $readAdapter->quote(Varien_Date::now()) . ' > ' . $timeSubtract]
+            $where
         );
         return $this;
     }
diff --git a/app/code/core/Mage/Api/etc/config.xml b/app/code/core/Mage/Api/etc/config.xml
index 9d84e4b6252..3b10b9169f7 100644
--- a/app/code/core/Mage/Api/etc/config.xml
+++ b/app/code/core/Mage/Api/etc/config.xml
@@ -110,6 +110,18 @@
             </modules>
         </translate>
     </adminhtml>
+    <crontab>
+        <jobs>
+            <api_session_cleanup>
+                <schedule>
+                    <cron_expr>0 35 * * *</cron_expr>
+                </schedule>
+                <run>
+                    <model>api/cron::cleanOldSessions</model>
+                </run>
+            </api_session_cleanup>
+        </jobs>
+    </crontab>
     <default>
         <api>
             <config>
diff --git a/app/code/core/Mage/Core/Model/Resource/Session.php b/app/code/core/Mage/Core/Model/Resource/Session.php
index 0acc6d1228e..0427f2a5258 100644
--- a/app/code/core/Mage/Core/Model/Resource/Session.php
+++ b/app/code/core/Mage/Core/Model/Resource/Session.php
@@ -19,7 +19,7 @@
  * @category   Mage
  * @package    Mage_Core
  */
-class Mage_Core_Model_Resource_Session implements Zend_Session_SaveHandler_Interface
+class Mage_Core_Model_Resource_Session implements SessionHandlerInterface
 {
     /**
      * Session maximum cookie lifetime
@@ -162,6 +162,7 @@ public static function setStaticSaveHandler()
      * @param string $sessName ignored
      * @return bool
      */
+    #[\ReturnTypeWillChange]
     public function open($savePath, $sessName)
     {
         return true;
@@ -172,6 +173,7 @@ public function open($savePath, $sessName)
      *
      * @return bool
      */
+    #[\ReturnTypeWillChange]
     public function close()
     {
         $this->gc($this->getLifeTime());
@@ -185,6 +187,7 @@ public function close()
      * @param string $sessId
      * @return string
      */
+    #[\ReturnTypeWillChange]
     public function read($sessId)
     {
         $select = $this->_read->select()
@@ -208,6 +211,7 @@ public function read($sessId)
      * @param string $sessData
      * @return bool
      */
+    #[\ReturnTypeWillChange]
     public function write($sessId, $sessData)
     {
         $bindValues = [
@@ -241,6 +245,7 @@ public function write($sessId, $sessData)
      * @param string $sessId
      * @return bool
      */
+    #[\ReturnTypeWillChange]
     public function destroy($sessId)
     {
         $where = ['session_id = ?' => $sessId];
@@ -254,6 +259,7 @@ public function destroy($sessId)
      * @param int $sessMaxLifeTime ignored
      * @return bool
      */
+    #[\ReturnTypeWillChange]
     public function gc($sessMaxLifeTime)
     {
         if ($this->_automaticCleaningFactor > 0) {