For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Log inSign up
Support
GuidesReference
GuidesReference
    • Core
      • Overview
    • Agents
      • Overview
      • AgentBase
      • AgentServer
      • Configuration
        • AuthHandler
        • ConfigLoader
        • Environment Variables
        • Logging
        • PromptManager
        • SchemaUtils
        • ServerlessAdapter
        • SessionManager
          • cleanup
          • createSession
          • createToolToken
          • debugToken
          • deleteSessionMetadata
          • generateToken
          • getSessionMetadata
          • setSessionMetadata
          • validateToken
          • validateToolToken
        • SslConfig
      • ContextBuilder
      • DataMap
      • FunctionResult
      • Helper Functions & Utilities
      • LiveWire
      • PomBuilder
      • Prefabs
      • SkillBase
      • SkillManager
      • SkillRegistry
      • Skills
      • SwaigFunction
      • SwmlBuilder
      • SWMLService
    • RELAY
      • Overview
      • Actions
      • Call
      • Constants
      • Events
      • Message
      • RelayClient
      • RelayError
    • REST Client
      • Overview
      • Addresses
      • Calling
      • ChatResource
      • Compat
      • Datasphere
      • Fabric
      • ImportedNumbersResource
      • Logs
      • LookupResource
      • MFA
      • Number Groups
      • Phone Numbers
      • Project
      • PubSubResource
      • Queues
      • Recordings
      • Registry
      • RestClient
      • RestError
      • Short Codes
      • SIP Profile
      • Verified Callers
      • Video
LogoLogoSignalWire Docs
Log inSign up
Support
On this page
  • Constructor
  • Properties
  • Methods
  • Example
AgentsConfiguration

SessionManager

|View as Markdown|Open in Claude|
Was this page helpful?
Edit this page
Previous

cleanup

Next
Built with

SessionManager provides stateless HMAC-SHA256 token generation and validation for SWAIG function call authentication. Tokens encode a call ID, function name, expiry, and nonce, signed with a shared secret. It also supports per-session metadata storage with automatic cleanup.

1import { SessionManager } from '@signalwire/sdk';
2
3const sm = new SessionManager(900); // 15-minute token expiry
4const token = sm.generateToken('get_weather', 'call-123');
5const valid = sm.validateToken('call-123', 'get_weather', token);

Constructor

tokenExpirySecs
numberDefaults to 900

Token validity duration in seconds.

secretKey
string

HMAC signing secret. A random 32-byte key is generated if omitted.

Properties

debugMode
booleanDefaults to false

When true, debugToken decodes token internals for inspection. When false, debugToken returns { error: "debug mode not enabled" }. Set this to true at runtime only when you need to inspect token contents.

Methods

createSession

Return or generate a session identifier.

generateToken

Generate a signed token binding a function to a call ID.

createToolToken

Alias for generateToken.

validateToken

Validate a token against expected call ID and function name.

validateToolToken

Alias for validateToken with reordered parameters.

debugToken

Decode token components without validating the signature.

getSessionMetadata

Retrieve metadata for a session.

setSessionMetadata

Merge metadata into a session.

cleanup

Remove expired session metadata entries.

deleteSessionMetadata

Delete all metadata for a session.

Example

1import { SessionManager } from '@signalwire/sdk';
2
3const sm = new SessionManager();
4const token = sm.generateToken('get_weather', 'call-abc123');
5
6// Later, validate the token
7const valid = sm.validateToken('call-abc123', 'get_weather', token);
8console.log('Token valid:', valid); // true