liforma docs

Public Sessions

Mint sessions for public embeds from the browser.

POST /v1/public-sessions

Called by the SDK when you use experienceId on a public embed. Requires a valid Origin header.

Request

POST https://api.liforma.ai/v1/public-sessions
Origin: https://your-app.com
Content-Type: application/json

{
  "experienceId": "exp_01DEMO1SPANISHCAFE"
}

Response 200

Session Manifest JSON.

Checks

  • Origin header required
  • Experience must exist and be public
  • Origin must be on the experience allowlist
  • Quota and rate limits apply

CORS

api.liforma.ai returns CORS headers for allowlisted origins. The SDK calls this endpoint directly from the browser.

Example

curl -X POST https://api.liforma.ai/v1/public-sessions \
  -H "Origin: https://your-app.com" \
  -H "Content-Type: application/json" \
  -d '{"experienceId": "exp_01DEMO1SPANISHCAFE"}'