Freestyle Docs

Freestyle / Docs

Client Sessions

Let browser clients operate existing Freestyle VMs with scoped access tokens.

Client sessions let a browser or end-user agent operate an existing VM without receiving your Freestyle API key. Your server creates an identity, grants VM permissions, creates a token, and sends that token to the client.

Issue A Client Token

import { freestyle } from "freestyle";

const { vm, vmId } = await freestyle.vms.create();

const { identity } = await freestyle.identities.create();
await identity.permissions.vms.grant({
  vmId,
});

const { token } = await identity.tokens.create();

return { token, vmId };

Use The Token In A Client

import { Freestyle } from "freestyle";

const freestyle = new Freestyle({
  accessToken: token,
});

const { vm } = await freestyle.vms.get({ vmId });
await vm.exec("pwd");

Limits

Client session tokens are for operations on existing VMs. They should not be used as a replacement for your server-side API key or for letting users create arbitrary resources.

A client token can start a stopped VM when it runs an operation, connects over SSH, or sends traffic to the VM.

Open in Claude Code Open in Codex Open in Cursor Open in Conductor Open in ChatGPT Open Markdown
esc