> ## Documentation Index > Fetch the complete documentation index at: https://docs.gmicloud.ai/llms.txt > Use this file to discover all available pages before exploring further. # Create session > Create a login session for user. ## OpenAPI ````yaml /api-spec/ias-public-api.yaml post /me/sessions openapi: 3.0.3 info: title: IAM Service API description: APIs for IAM Service. version: 2.4.0 servers: - url: https://console.gmicloud.ai/api/v1 description: IAM Service API security: [] paths: /me/sessions: post: tags: - me summary: Create session description: Create a login session for user. operationId: createSession parameters: - $ref: '#/components/parameters/clientIdParam' requestBody: description: The request body for session creation required: true content: application/json: schema: $ref: '#/components/schemas/createSessionRequest' responses: '201': description: Successfully created a login session for user. content: application/json: schema: $ref: '#/components/schemas/sessionResponse' '400': description: > - [group:**request**, code:**0**]: Invalid field in the request body. - [group:**request**, code:**1**]: The request body is required. - [group:**auth**, code:**0**]: Invalid CE-ClientId. - [group:**auth**, code:**10**]: Invalid authToken. - [group:**session**, code:**205**]: Invalid otpCode. - [group:**session**, code:**206**]: Expired otpCode. content: application/json: schema: $ref: '#/components/schemas/ErrStatusMsg' examples: Invalid field in the request body: summary: Invalid field in the request body. value: group: request code: 0 validationDetail: - field: email expression: required originalValue: '' reason: This field is required. '500': description: > - [group:**session**, code:**202**]: Failed to get auth token data. - [group:**session**, code:**1**]: Failed to create access token. - [group:**session**, code:**2**]: Failed to create refresh token. - [group:**session**, code:**3**]: Failed to save session. - [group:**session**, code:**201**]: Failed to save auth token data. - [group:**session**, code:**203**]: Failed to delete auth token data. - [group:**organization**, code:**1200**]: Get organization grouping policy encountered error. - [group:**user**, code:**1401**]: Update user data encountered DB error. content: application/json: schema: $ref: '#/components/schemas/ErrStatusMsg' examples: Failed to create access token: summary: Failed to create access token. value: group: session code: 1 message: Failed to create access token. traces: - error occurred. components: parameters: clientIdParam: name: CE-ClientId in: header schema: type: string required: true description: | A unique identifier to each user device and browser. - Must be less than 8 characters. - Only alphanumeric characters are allowed. schemas: createSessionRequest: type: object x-go-name: createSessionRequest properties: authToken: type: string description: > A temporary token issued by the create auth token API. This token is used in the create session API to exchange for access and refresh tokens. example: eyJhbGciOiJIUzI1NiIsInR... x-oapi-codegen-extra-tags: binding: required otpCode: type: string description: > (Optional) A one-time passcode (OTP) provided by the user for native login with 2FA verification. - Must be a numeric code. - This field is required only if the `is2FARequired` field in the `POST /me/auth-tokens` API response is `true`. example: 321673 x-oapi-codegen-extra-tags: binding: omitempty,numeric x-go-type-skip-optional-pointer: true required: - type - authToken sessionResponse: type: object x-go-name: sessionResponse properties: accessToken: type: string description: The access token for API requests. example: eyJhbGciOiJIUzI1NiIsInR... refreshToken: type: string description: The refresh token for session management. example: eyJhbGciOiJIUzI1NiIsInR... required: - accessToken - refreshToken ErrStatusMsg: type: object properties: group: type: string description: >- API function group\n -Will be "request" if there are invalid request parameters. x-oapi-codegen-extra-tags: binding: required code: type: integer description: The substatus error code for the API response. x-oapi-codegen-extra-tags: binding: required message: type: string description: The substatus error Message for API response. x-go-type-skip-optional-pointer: true traces: type: array items: type: string description: The original error messages. x-go-type-skip-optional-pointer: true validationDetail: type: array items: $ref: '#/components/schemas/ValidationDetail' description: >- Returned when there are invalid request paremeters(group="request")\n List of invalid fields and the reason of error. x-go-type-skip-optional-pointer: true example: group: request code: 0 validationDetail: - field: email expression: required originalValue: '' reason: This field is required. required: - group - code ValidationDetail: type: object properties: field: type: string description: The field of the request data. x-go-type-skip-optional-pointer: true expression: type: string description: The form of violation. x-go-type-skip-optional-pointer: true argument: type: string description: The number or data to support the expression. x-go-type-skip-optional-pointer: true originalValue: description: The original value from the request. x-go-type-skip-optional-pointer: true reason: type: string description: The reason for the validation error. x-go-type-skip-optional-pointer: true example: - field: fieldXXX expression: required originalValue: '' reason: This field is required. ````