Create session
Event session:create​
The session:create event is used to initialize a new conversation session after establishing a WebSocket connection. This event registers a new conversation context and prepares the system to receive and process messages.
{
"context": {
"user": {
"display_name": "John Doe",
"phone": "+1234567890"
}
},
"identity_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"timestamp": 1635789600000,
"is_test": false,
"opt_out": false
}
Payload fields​
| Field | Type | Required | Description |
|---|---|---|---|
context | Object | No | A context object containing information about the user and conversation environment. This context will be available throughout the session's lifecycle. |
identity_token | String | No | JWT token for identity verification. Used for secure authentication when required by the integration. |
timestamp | Integer | Yes | Unix timestamp in milliseconds representing when the session creation was initiated. |
is_test | Boolean | No | Flag indicating if this is a test session. Defaults to false if not provided. |
opt_out | Boolean | No | Flag indicating if the user has opted out of data collection. Defaults to false if not provided. |
Server responses​
Success: session:created​
On successful session creation, the server responds with a session:created event containing the created session details:
{
"session_id": "123e4567-e89b-12d3-a456-426614174000",
"inactivity_timeout_seconds": 600,
"is_service_desk": false,
"is_conversation": true,
"is_handover": false,
"assignee_agent_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"assignee_brain_id": "550e8400-e29b-41d4-a716-446655440000",
"keep_alive": 120,
"status": "active",
"assignee_collection_id": "c56a4180-65aa-42ec-a945-5fd21dec0538",
"source": {
"integration_id": "d9e7c112-8f11-4c80-9318-b3f98b9728d6",
"channel": "web",
"opt_out": false,
"is_test": false,
"account_id": "6fa459ea-ee8a-3ca4-894e-db77e160355e",
"brain_id": "550e8400-e29b-41d4-a716-446655440000",
"brain_parent_id": "329a91d4-dbfd-4dfc-8c76-ccd5d30e476b",
"brain_version": 3,
"desk_id": "1b1cb6bb-9c1e-4afe-b139-ca06fa2fff4f",
"session_timeout": 3600,
"account_slug": "acme-corp",
"department_id": "5f8cc8eb-6ef4-4a77-b8a0-51eb3f11e1b4"
},
"context": {
"user": {
"display_name": "John Doe",
"phone": "+1234567890"
}
}
}
Response fields​
| Field | Description |
|---|---|
session_id | Unique identifier for the created session, used in all subsequent interactions. |
inactivity_timeout_seconds | Time in seconds before the session expires due to inactivity. |
is_service_desk | Indicates if this session is connected to a service desk. |
is_conversation | Indicates if this session is a conversation type. |
is_handover | Indicates if this session is configured for human handover. |
assignee_agent_id | ID of the human agent assigned to this session (if any). |
assignee_brain_id | ID of the AI Agent assigned to this session. |
keep_alive | Interval in seconds for keep-alive messages. |
status | Current status of the session (e.g., "active"). |
assignee_collection_id | ID of the collection assigned to this session. |
source | Object containing metadata about the integration and account. |
context | Copy of the initial context provided. |
Moveo controls certain fields in the context object. As these are likely to be sensitive, the server will obfuscate these fields in the response showing them as ***.
Error responses​
If session creation fails, the server responds with one of the following error events:
| Error event | Description |
|---|---|
session:create:error | General error during session creation. |
session:create:error:invalid_identity_token | The provided identity token is invalid or expired. |
session:create:error:invalid_private_key | The private key used for verification is invalid. |
session:create:error:invalid_aes_claims | The AES claims in the token are invalid. |
session:create:error:failed_aes_descryption | AES decryption of the token failed. |
Error responses include the following payload:
{
"error_code": "invalid_token",
"description": "The provided identity token is invalid or has expired"
}
Session lifecycle​
After successful creation, the session enters the active state and remains available until explicitly closed or until it expires. The session:created response contains important timeout values (inactivity_timeout_seconds, keep_alive, and source.session_timeout in the payload object) that govern the session's lifespan.
For detailed information about session states, transitions, timeout mechanisms, and expiration behavior, see the Session lifecycle
documentation.Example usage​
The following example demonstrates how to create a session using the WebSocket API:
// Initialize socket connection (see connection.md for details)
const socket = io(URL, socketOptions);
// Connection event handling
socket.on("connect", () => {
console.log("Connected to WebSocket API");
// Create session payload
const sessionCreatePayload = {
context: {
user: {
display_name: "Jane Smith",
email: "jane.smith@example.com",
},
},
timestamp: Date.now(),
is_test: false,
opt_out: false,
};
// Send session:create event
socket.emit("session:create", sessionCreatePayload);
});
// Handle success response
socket.on("session:created", (data) => {
console.log("Session created:", data.session_id);
// Store session_id for future interactions
const sessionId = data.session_id;
// Now you can start sending messages with this session_id
});
// Handle specific error responses
socket.on("session:create:error", (error) => {
console.error("General error creating session:", error.description);
});
socket.on("session:create:error:invalid_identity_token", (error) => {
console.error("Invalid identity token:", error.description);
});
// Handle other potential errors
socket.on("session:create:error:invalid_private_key", handleAuthError);
socket.on("session:create:error:invalid_aes_claims", handleAuthError);
socket.on("session:create:error:failed_aes_descryption", handleAuthError);
function handleAuthError(error) {
console.error("Authentication error:", error.description);
// Implement retry logic or user notification
}
To prevent premature session expiration, send regular session:activity events during periods of user inactivity. See Client events for implementation details.