Client Sessions and Client Session Tokens
Use a client session token to restrict access to the devices that a specific user owns.
Last updated
Was this helpful?
Use a client session token to restrict access to the devices that a specific user owns.
Last updated
Was this helpful?
A client session enables a client, such as a web browser or mobile phone, to access the Seam API directly. You can use client sessions to simplify your architecture. That is, when you use client sessions and client session tokens with the Seam JavaScript SDK, you can authenticate and authorize users of your web application directly with Seam.
Once you create a client session on the backend, you can pass the resulting generated client session token from the backend to the frontend (that is, to the client). Using client session tokens on the frontend eliminates the need for your user's browser to communicate with your backend server. Instead, the client makes requests directly to the Seam API.
Client sessions make it easy to control your users' access to devices. When you create a client session, you can specify , along with the associated with this user. Then, you can .
You can use client sessions in the following two ways:
Create a client session on the backend and pass the resulting generated client session token to your frontend. You use this client session token in the frontend with the Seam JavaScript SDK or Seam Components.
Request:
Response:
Request:
Response:
Request:
Response:
Request:
You can only use a client session token in a browser context through the Seam JavaScript SDK. Do not use a client session token to make requests from the backend. Instead, use an . An API key has unlimited permission to manage all devices and other Seam API resources within a . Never use an API key in the browser or expose it to your users.
Manage client sessions entirely on the frontend by using a .
To for an existing user with connected accounts in your workspace, include the IDs of the user's connected accounts (connected_account_ids
) and . Then, use the generated client session token to retrieve and manage the resources authorized through the connected accounts associated with this client session.
You can within your workspace.
To , provide the client session ID (client_session_id
).
To , provide the client session ID (client_session_id
).
Learn about using .
Learn more about .