Skip to content

Console Sessions API

Base URL: https://app.kvmfleet.io/v1

Start a console session

Opens a proxied connection to a device's KVM web UI.

curl -X POST https://app.kvmfleet.io/v1/sessions \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"device_id": "dev_abc123"}'

{
  "session_id": "ses_xyz789",
  "console_url": "https://app.kvmfleet.io/console/ses_xyz789",
  "created_at": "2026-04-15T14:30:00Z"
}

Open console_url in a browser to access the KVM interface. The URL is authenticated — it only works for the user who created the session.

List active sessions

curl https://app.kvmfleet.io/v1/sessions \
  -H "Authorization: Bearer $TOKEN"

{
  "sessions": [
    {
      "session_id": "ses_xyz789",
      "device_id": "dev_abc123",
      "device_name": "DC1-R3-S7",
      "user_id": "usr_abc123",
      "user_email": "admin@example.com",
      "started_at": "2026-04-15T14:30:00Z"
    }
  ]
}

Close a session

curl -X DELETE https://app.kvmfleet.io/v1/sessions/ses_xyz789 \
  -H "Authorization: Bearer $TOKEN"

{"ok": true}

Admins can close any session in their organization. Members can only close their own.

Session lifecycle

  1. User calls POST /v1/sessions with a device ID
  2. Platform creates a session record and notifies the agent via the WS tunnel
  3. User opens the console_url in their browser
  4. All HTTP traffic is proxied: Browser -> Platform -> Agent -> KVM Web UI
  5. Session ends when the user closes it, or after 30 minutes of inactivity

All session open/close events are recorded in the audit log.