Skip to main content

Creating Sessions

Warrant supports the use of short-lived, user-scoped sessions to grant limited access to the Warrant API. There are two types of sessions:

  • Authorization Sessions are scoped to a single user and only allow client-side authorization checks for that user.
  • Self-Service Dashboard Sessions are scoped to a single user and a single tenant. They can only be created for users with the view-self-service-dashboard permission (a predefined permission available by default in all accounts). These sessions allow your end users to manage the roles and permissions of other users in their tenant through the Self-Service Dashboard.

Creating Authorization Sessions


We recommend creating authorization sessions for your users during your login/sign-up flow. Once the session is created, you can return the generated session token to your client application along with any other information required for your normal login/sign-up process.

Create an Authorization Session

Using async/await
try {
const sessionToken = await warrantClient.createAuthorizationSession({ userId });
} catch (e) {
// Handle error
Using Promises
.createAuthorizationSession({ userId })
.then((sessionToken) => console.log(sessionToken))
.catch((error) => console.log(error));

Creating Self-Service Dashboard Sessions

Create a Self-Service Dashboard Session

Using async/await
const selfServiceSessionUrl = await warrantClient.createSelfServiceSession(
{ userId, tenantId },
Using Promises
.createSelfServiceSession({ userId, tenantId }, "")
.then((selfServiceUrl) => console.log(selfServiceUrl))
.catch((error) => console.log(error));