> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ekiden.fi/llms.txt
> Use this file to discover all available pages before exploring further.

# Authorize Session

> Authorize a session key via delegation



## OpenAPI

````yaml /api-reference/openapi.json post /api/v1/authorize/session
openapi: 3.1.0
info:
  title: ekiden-gateway
  description: >-
    API Gateway and WebSocket proxy based on Axum and Utoipa, handling auth,
    rate limiting, and connection buffering.
  license:
    name: ''
  version: 0.1.1
servers:
  - url: https://api.ekiden.fi/
    description: Production
  - url: https://api.staging.ekiden.fi/
    description: Staging
  - url: https://api.dev.ekiden.fi/
    description: Development
  - url: http://localhost:4020/
    description: Local
security: []
paths:
  /api/v1/authorize/session:
    post:
      tags:
        - User
      summary: Authorize Session
      description: Authorize a session key via delegation
      operationId: authorize_session
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SessionAuthRequest'
        required: true
      responses:
        '200':
          description: Successfully authorized and token generated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthorizeResponse'
components:
  schemas:
    SessionAuthRequest:
      type: object
      description: A request to authenticate using a Session Key.
      required:
        - delegation
        - nonce
        - timestamp_ms
        - session_signature
      properties:
        delegation:
          $ref: '#/components/schemas/SessionDelegation'
        nonce:
          type: string
        session_signature:
          type: string
        timestamp_ms:
          type: integer
          format: int64
    AuthorizeResponse:
      type: object
      required:
        - token
        - user_id
      properties:
        token:
          type: string
        user_id:
          $ref: '#/components/schemas/UserId'
    SessionDelegation:
      type: object
      description: A delegation of authority from a Root Key to a Session Key.
      required:
        - root_public_key
        - session_public_key
        - scopes
        - expires_at
        - root_signature
      properties:
        expires_at:
          type: integer
          format: int64
        root_public_key:
          type: string
        root_signature:
          type: string
        scopes:
          type: array
          items:
            $ref: '#/components/schemas/Scope'
        session_public_key:
          type: string
    UserId:
      type: string
      format: uuid
    Scope:
      type: string
      enum:
        - full
        - read
        - trade
        - withdraw
        - admin

````