POST
/
auth-sessions
import Conductor from 'conductor-node';

const client = new Conductor({
  apiKey: process.env['CONDUCTOR_SECRET_KEY'], // This is the default and can be omitted
});

async function main() {
  const authSession = await client.authSessions.create({
    endUserId: 'end_usr_1234567abcdefg',
    publishableKey: '{{YOUR_PUBLISHABLE_KEY}}',
  });

  console.log(authSession.id);
}

main();
{
  "id": "auth_sess_1234567abcdefg",
  "objectType": "auth_session",
  "createdAt": "2021-01-01T12:34:56.789Z",
  "endUserId": "end_usr_1234567abcdefg",
  "clientSecret": "auth_sess_client_secret_1234567abcdefg",
  "authFlowUrl": "https://connect.conductor.is/qbd/auth_sess_client_secret_1234567abcdefg?key={{YOUR_PUBLISHABLE_KEY}}",
  "expiresAt": "2021-01-01T00:00:00.000Z",
  "redirectUrl": "https://myapp.com/auth/callback"
}

Authorizations

Authorization
string
header
required

Your Conductor secret key using Bearer auth (e.g., "Authorization: Bearer {{YOUR_SECRET_KEY}}").

Body

application/json
publishableKey
string
required

Your Conductor publishable key, which we use to create the auth session's authFlowUrl.

endUserId
string
required

The ID of the end-user for whom to create the integration connection.

linkExpiryMins
number
default:
30

The number of minutes after which the auth session will expire. Must be at least 15 minutes and no more than 7 days. If not provided, defaults to 30 minutes.

redirectUrl
string

The URL to which Conductor will redirect the end-user to return to your app after they complete the authentication flow. If not provided, their browser tab will close instead.

Response

200 - application/json
Returns the auth session object.
id
string
required

The unique identifier for this auth session.

objectType
string
required

The type of object. This value is always "auth_session".

Allowed value: "auth_session"
createdAt
string
required

The date and time when this auth session record was created.

endUserId
string
required

The ID of the end-user for whom to create an integration connection.

clientSecret
string
required

The secret used in authFlowUrl to securely access the authentication flow.

authFlowUrl
string
required

The URL of the authentication flow that you will pass to your client for your user to set up their integration connection.

expiresAt
string
required

The date and time when this auth session expires. By default, this value is 30 minutes from creation. You can extend this time by setting linkExpiryMins when creating the auth session.

redirectUrl
string | null
required

The URL to which Conductor will redirect your user to return to your app after they complete the authentication flow. If null, their browser tab will close instead.

The Auth Session objectThe End-User object