> ## Documentation Index > Fetch the complete documentation index at: https://docs.finhub.cloud/llms.txt > Use this file to discover all available pages before exploring further. # Create customer session > Creates a new session for an individual customer user after registration. ## OpenAPI ````yaml /openapi.yaml post /api/v2.1/customer/individual/{customerId}/users/{userId}/sessions openapi: 3.1.0 info: title: Business BFF API version: 1.0.0 description: Backend for Frontend - Business Panels Orchestration Layer servers: - url: https://sandbox.finhub.cloud description: Sandbox Environment security: [] tags: - name: AML description: Anti-Money Laundering checks and transaction monitoring - name: Admin - Consent Management description: Operations for managing consent templates and definitions - name: B2B Customer - Organization description: B2B organization registration and management - name: B2C Customer - Individual description: Individual customer registration and lifecycle management - name: BFF Admin - Tenant Initialization description: Lazy tenant initialization for fast startup - name: Catalog Hierarchy description: Hierarchical catalog management APIs - name: Catalog-Process Mapping description: APIs for catalog-process relationship management - name: Consent description: Payment consent creation and approval - name: Draft Management - name: External Events description: Kafka-to-HTTP bridge event ingestion and query - name: FinCard Virtual - Webhooks description: FinCard Virtual Card Webhook receiver - name: FinCard Virtual Account description: FinCard Virtual Card Account API proxy - name: FinCard Virtual Card Holder description: FinCard Virtual Card Holder API proxy - name: FinCard Virtual Cards description: FinCard Virtual Card API proxy - name: FinCard Virtual Common description: FinCard Virtual Card Common API proxy - name: FinCard Virtual Wallet description: FinCard Virtual Card Wallet API v2 proxy - name: FinTrans - Operations description: Financial transaction operations - name: Internal Webhooks description: Internal service-to-service webhook trigger (HMAC-secured) - name: MFE Preload description: MFE preload endpoints for SSR optimization - name: MFE Registry description: MFE Registry management endpoints - name: Payment Consent Management description: Operations for managing payment consents and validation - name: Person description: Person details for process context - name: Products description: Product Catalog Management API - name: Reference Data description: Shared reference data (countries, etc.) - name: Tenant Lifecycle description: Tenant mode transitions and lifecycle management - name: Tenant Registration description: Self-registration and tenant onboarding - name: Transfers description: Transfer prepare/execute aliases for muse-proxy compatibility - name: Verification description: Customer verification (KYC/KYB/AML) management - name: Wallet description: Wallet operations and balance management - name: Webhooks description: Webhook subscription and delivery management paths: /api/v2.1/customer/individual/{customerId}/users/{userId}/sessions: post: tags: - B2C Customer - Individual summary: Create customer session description: >- Creates a new session for an individual customer user after registration. parameters: - name: customerId schema: type: string format: uuid examples: - 00000000-0000-0000-0000-000000000000 in: path required: true - name: userId schema: type: string format: uuid examples: - 00000000-0000-0000-0000-000000000000 in: path required: true - name: X-Forwarded-For in: header required: true schema: type: string example: 127.0.0.1 - name: X-Tenant-ID in: header required: true schema: type: string example: tenant-demo-001 - name: sec-ch-ua-platform in: header required: false schema: type: string - name: X-Forwarded-From in: header required: true description: Client source identifier schema: type: string example: client-app - name: platform in: header required: true description: Client platform schema: type: string example: mobile - name: deviceId in: header required: true description: Device identifier schema: type: string example: device-demo-001 requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateIndividualSessionRequest' required: true responses: '200': description: Session created content: application/json: schema: $ref: '#/components/schemas/BaseResponseSessionResponse' '400': description: Bad request '401': description: Unauthorized '404': description: Customer or user not found '500': description: Internal server error components: schemas: CreateIndividualSessionRequest: type: object description: Create individual session request properties: username: type: string examples: - customer.login.123456@example.test description: Username used for customer login x-mint: '{"group":"createindividualsessionrequest","order":1}' example: customer.login.123456@example.test password: type: string examples: - SecurePass123! description: Customer password for session creation x-mint: '{"group":"createindividualsessionrequest","order":2}' example: SecurePass123! tenantKey: type: string examples: - a1B2c3D4e5F6g7H8i9J0kLmNopQr description: Tenant key credential used by auth service x-mint: '{"group":"createindividualsessionrequest","order":3}' example: a1B2c3D4e5F6g7H8i9J0kLmNopQr tenantSecret: type: string examples: - s3Cr3tKeyXyZpQwErTyUiOpAsDfGh description: Tenant secret credential used by auth service x-mint: '{"group":"createindividualsessionrequest","order":4}' example: s3Cr3tKeyXyZpQwErTyUiOpAsDfGh credentialType: type: string examples: - PASSWORD description: Credential type for alternative auth flows x-mint: '{"group":"createindividualsessionrequest","order":5}' example: PASSWORD value: type: string examples: - customer.login.123456@example.test description: Credential value used with credentialType-based auth x-mint: '{"group":"createindividualsessionrequest","order":6}' example: customer.login.123456@example.test tenantId: type: string examples: - 11111111-2222-4333-8444-555555555555 description: Tenant UUID for session context x-mint: '{"group":"createindividualsessionrequest","order":7}' example: 11111111-2222-4333-8444-555555555555 BaseResponseSessionResponse: type: object description: Standard API response wrapper with session in data properties: code: type: integer format: int32 examples: - 200 description: HTTP-style status code example: 200 data: $ref: '#/components/schemas/SessionResponse' type: object description: Session tokens and metadata message: type: string examples: - Success description: Result message example: Success SessionResponse: type: object description: Session response payload properties: success: type: boolean examples: - true description: Session creation status example: true message: type: string examples: - Session created successfully description: Operation message example: Session created successfully token: type: string examples: - eyJhbGciOi... description: Access token (truncated in docs examples) example: eyJhbGciOi... refreshToken: type: string examples: - eyJhbGciOi... description: Refresh token (truncated in docs examples) example: eyJhbGciOi... sessionId: type: string examples: - 3c13a5ab-5e26-4372-9a85-1b2eb323c592 description: Session identifier example: 3c13a5ab-5e26-4372-9a85-1b2eb323c592 expiresAt: type: string examples: - '2026-03-16T20:49:32.000Z' description: Token expiration timestamp example: '2026-03-16T20:49:32.000Z' expiresIn: type: integer format: int32 errorType: type: string user: $ref: '#/components/schemas/SessionUserData' SessionUserData: type: object properties: id: type: string customerId: type: string customerStatus: type: string email: type: string fullName: type: string firstName: type: string lastName: type: string organizationId: type: string role: type: string phoneNumber: type: string isActive: type: boolean lastLogin: type: string createdAt: type: string updatedAt: type: string tenantId: type: string gender: type: string phones: type: array items: $ref: '#/components/schemas/PhoneData' PhoneData: type: object properties: phoneType: type: string encoding: type: string number: type: string ````