# Client Sessions

## Create webapp SDK session

**post** `/v1/sessions`

Create a browser-safe SafetyKit webapp SDK session token from server-side code before rendering pages that load the browser SDK. The request must be authenticated with a valid Bearer token.

### Body Parameters

- `customer_session_hash: optional string`

  Hashed customer browser session value associated with the browser SDK session.

- `customer_user_id: optional string`

  Customer user identifier associated with the browser SDK session.

### Returns

- `session_token: string`

  Browser-safe webapp SDK session token to pass to the browser SDK.

### Example

```http
curl https://api.safetykit.com/v1/sessions \
    -X POST \
    -H "Authorization: Bearer $SAFETYKIT_API_KEY"
```

#### Response

```json
{
  "session_token": "skst_v1_01HZ..."
}
```

## Domain Types

### Client Session Create Session Response

- `ClientSessionCreateSessionResponse object { session_token }`

  Response containing the browser-safe webapp SDK session token.

  - `session_token: string`

    Browser-safe webapp SDK session token to pass to the browser SDK.