Skip to main content

Creating Sessions

Warrant supports the use of short-lived, user-scoped sessions to grant limited access to the Warrant API. There are two types of sessions:

  • Authorization Sessions are scoped to a single user and only allow client-side authorization checks for that user.
  • Self-Service Dashboard Sessions are scoped to a single user and a single tenant. They can only be created for users with the view-self-service-dashboard permission (a predefined permission available by default in all accounts). These sessions allow your end users to manage the roles and permissions of other users in their tenant through the Self-Service Dashboard.

Creating Authorization Sessions

note

We recommend creating authorization sessions for your users during your login/sign-up flow. Once the session is created, you can return the generated session token to your client application along with any other information required for your normal login/sign-up process.

Create an Authorization Session

Using async/await
const sessionToken = await warrantClient.createSession(userId);
Using Promises
warrantClient
.createSession(userId)
.then((sessionToken) => console.log(sessionToken))
.catch((error) => console.log(error));

Creating Self-Service Dashboard Sessions

Create a Self-Service Dashboard Session

Using async/await
const selfServiceSessionUrl = await warrantClient.createSelfServiceSession(
userId,
"https://my-website.com/account"
);
Using Promises
warrantClient
.createSelfServiceSession(userId, "https://my-website.com/account")
.then((selfServiceUrl) => console.log(selfServiceUrl))
.catch((error) => console.log(error));