## Create webapp SDK session `client.clientSessions.createSession(ClientSessionCreateSessionParamsbody, RequestOptionsoptions?): ClientSessionCreateSessionResponse` **post** `/v1/sessions` Create a browser-safe SafetyKit webapp SDK session token from server-side code before rendering pages that load the browser SDK. Provide at least one of customer_user_id or customer_session_hash. When customer_user_id is present, use the same canonical user ID string that you send as user_id in SafetyKit server-to-server events. The request must be authenticated with a valid Bearer token. ### Parameters - `ClientSessionCreateSessionParams = Variant0 | Variant1` - `ClientSessionCreateSessionParamsBase` - `customer_user_id: string` Customer user identifier associated with the browser SDK session. Use the same canonical user ID string that you send as user_id in SafetyKit server-to-server events. - `customer_session_hash?: string` Stable opaque customer session hash associated with the browser SDK session. - `Variant0 extends ClientSessionCreateSessionParamsBase` - `Variant1 extends ClientSessionCreateSessionParamsBase` ### Returns - `ClientSessionCreateSessionResponse` Response containing the browser-safe webapp SDK session token and hosted SDK script URL. - `sdk_script_url: string` SafetyKit-hosted browser SDK script URL to render as the script src. - `session_token: string` Browser-safe webapp SDK session token to pass to the browser SDK. ### Example ```typescript import Safetykit from 'safetykit'; const client = new Safetykit({ apiKey: process.env['SAFETYKIT_API_KEY'], // This is the default and can be omitted }); const response = await client.clientSessions.createSession({ customer_user_id: 'user_12345', customer_session_hash: 'session_hash_abc123', }); console.log(response.sdk_script_url); ``` #### Response ```json { "sdk_script_url": "https://cdn.sk-diagnostics.com/web/v1/sdk.js", "session_token": "skst_v2_eyJ..." } ```