Create session

POST/v1/sessions

Create a SafetyKit identity session from server-side code before rendering pages that load the browser SDK. The request must be authenticated with a valid Bearer token.

Body ParametersJSONExpand Collapse

customer_session_id: optional string

Customer session identifier to bind to this identity session.

durationInMinutes: optional number

Token validity duration in minutes (1-180). Defaults to 60 if omitted.

minimum1

maximum180

user_id: optional string

Customer user identifier to bind to this identity session.

ReturnsExpand Collapse

token: string

Short-lived session token to use as Bearer token for API calls

account_id: string

Public account identifier to pass to the browser SDK

client_token: string

Client session token to pass to the browser SDK

expires_at: string

ISO 8601 timestamp when the token expires

expires_in: number

Seconds until the token expires

Create session

curl https://api.safetykit.com/v1/sessions \
    -X POST \
    -H "Authorization: Bearer $SAFETYKIT_API_KEY"

{
  "token": "sk_session_abc123...",
  "account_id": "acct_abc123",
  "client_token": "sk_session_abc123...",
  "expires_at": "2025-05-15T14:30:00.000Z",
  "expires_in": 3600
}

Returns Examples

{
  "token": "sk_session_abc123...",
  "account_id": "acct_abc123",
  "client_token": "sk_session_abc123...",
  "expires_at": "2025-05-15T14:30:00.000Z",
  "expires_in": 3600
}