> ## Documentation Index > Fetch the complete documentation index at: https://developer.tryfinch.com/llms.txt > Use this file to discover all available pages before exploring further. # Create a new connect session > Create a new connect session for an employer NOTE: The connect session uses Basic Auth; in the sample request above use `client_id` as the username and `client_secret` as a password. For example: `Authorization: Basic ` ## OpenAPI ````yaml post /connect/sessions openapi: 3.1.0 info: title: API Reference version: '2020-09-17' contact: {} description: >- The Finch HRIS API provides a unified way to connect to a multitide of HRIS systems. The API requires an access token issued by Finch. By default, Organization and Payroll requests use Finch's [Data Syncs](/developer-resources/Data-Syncs). If a request is made before the initial sync has completed, Finch will request data live from the provider. The latency on live requests may range from seconds to minutes depending on the provider and batch size. For automated integrations, Deductions requests (both read and write) are always made live to the provider. Latencies may range from seconds to minutes depending on the provider and batch size. Employer products are specified by the product parameter, a space-separated list of products that your application requests from an employer authenticating through Finch Connect. Valid product names are— - `company`: Read basic company data - `directory`: Read company directory and organization structure - `individual`: Read individual data, excluding income and employment data - `employment`: Read individual employment and income data - `payment`: Read payroll and contractor related payments by the company - `pay_statement`: Read detailed pay statements for each individual - `benefits`: Create and manage deductions and contributions and enrollment for an employer [![Open in Postman](https://run.pstmn.io/button.svg)](https://god.gw.postman.com/run-collection/21027137-08db0929-883d-4094-a9ce-dbf5a9bee4a4?action=collection%2Ffork&collection-url=entityId%3D21027137-08db0929-883d-4094-a9ce-dbf5a9bee4a4%26entityType%3Dcollection%26workspaceId%3D1edf19bc-e0a8-41e9-ac55-481a4b50790b) servers: - url: https://api.tryfinch.com description: '' security: [] tags: - name: Organization - name: Payroll - name: Deductions - name: Management - name: Sandbox paths: /connect/sessions: post: tags: - Connect summary: Create a new connect session description: Create a new connect session for an employer operationId: post-connect-sessions parameters: - $ref: '#/components/parameters/API-Version' requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateConnectSessionRequest' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/CreateConnectSessionResponse' examples: Success: value: session_id: 550e8400-e29b-41d4-a716-446655440000 connect_url: >- https://connect.tryfinch.com/authorize?session=550e8400-e29b-41d4-a716-446655440000 '400': description: Bad Request content: application/json: schema: type: object properties: code: type: integer example: 400 finch_code: type: string enum: - connection_already_exists - invalid_request example: connection_already_exists message: type: string example: >- There's an existing connection for the customer_id: {customer_id}. Please use the /connect/sessions/reauthenticate endpoint instead. name: type: string example: bad_request context: type: object properties: customer_id: type: string connection_id: type: string examples: ExistingConnection: value: code: 400 finch_code: connection_already_exists message: >- There's an existing connection for the customer_id: {customer_id}. Please use the /connect/sessions/reauthenticate endpoint instead. name: bad_request context: customer_id: 1234567890 connection_id: 550e8400-e29b-41d4-a716-446655440000 '401': description: Unauthorized content: application/json: schema: type: object properties: code: type: integer example: 401 finch_code: type: string example: invalid_client message: type: string example: 'Invalid client: Unable to validate credentials' examples: InvalidCredentials: value: error: 'Invalid client: Unable to validate credentials' security: - basicAuth: [] x-codeSamples: - lang: JavaScript source: |- import Finch from '@tryfinch/finch-api'; const client = new Finch({ clientID: process.env['FINCH_CLIENT_ID'], // This is the default and can be omitted clientSecret: process.env['FINCH_CLIENT_SECRET'], // This is the default and can be omitted }); const response = await client.connect.sessions.new({ customer_id: 'x', customer_name: 'x', products: ['benefits'], }); console.log(response.session_id); - lang: Python source: |- import os from finch import Finch client = Finch( client_id=os.environ.get("FINCH_CLIENT_ID"), # This is the default and can be omitted client_secret=os.environ.get("FINCH_CLIENT_SECRET"), # This is the default and can be omitted ) response = client.connect.sessions.new( customer_id="x", customer_name="x", products=["benefits"], ) print(response.session_id) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/Finch-API/finch-api-go\"\n\t\"github.com/Finch-API/finch-api-go/option\"\n)\n\nfunc main() {\n\tclient := finchgo.NewClient(\n\t\toption.WithClientID(\"4ab15e51-11ad-49f4-acae-f343b7794375\"),\n\t\toption.WithClientSecret(\"My Client Secret\"),\n\t)\n\tresponse, err := client.Connect.Sessions.New(context.TODO(), finchgo.ConnectSessionNewParams{\n\t\tCustomerID: finchgo.F(\"x\"),\n\t\tCustomerName: finchgo.F(\"x\"),\n\t\tProducts: finchgo.F([]finchgo.ConnectSessionNewParamsProduct{finchgo.ConnectSessionNewParamsProductBenefits}),\n\t})\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", response.SessionID)\n}\n" - lang: Java source: |- package com.tryfinch.api.example; import com.tryfinch.api.client.FinchClient; import com.tryfinch.api.client.okhttp.FinchOkHttpClient; import com.tryfinch.api.models.ConnectSessionNewParams; import com.tryfinch.api.models.SessionNewResponse; public final class Main { private Main() {} public static void main(String[] args) { FinchClient client = FinchOkHttpClient.fromEnv(); ConnectSessionNewParams params = ConnectSessionNewParams.builder() .customerId("x") .customerName("x") .addProduct(ConnectSessionNewParams.ConnectProducts.BENEFITS) .build(); SessionNewResponse response = client.connect().sessions().new_(params); } } - lang: Kotlin source: |- package com.tryfinch.api.example import com.tryfinch.api.client.FinchClient import com.tryfinch.api.client.okhttp.FinchOkHttpClient import com.tryfinch.api.models.ConnectSessionNewParams import com.tryfinch.api.models.SessionNewResponse fun main() { val client: FinchClient = FinchOkHttpClient.fromEnv() val params: ConnectSessionNewParams = ConnectSessionNewParams.builder() .customerId("x") .customerName("x") .addProduct(ConnectSessionNewParams.ConnectProducts.BENEFITS) .build() val response: SessionNewResponse = client.connect().sessions().new(params) } - lang: Ruby source: >- require "finch_api" finch = FinchAPI::Client.new(client_id: "4ab15e51-11ad-49f4-acae-f343b7794375", client_secret: "My Client Secret") response = finch.connect.sessions.new(customer_id: "x", customer_name: "x", products: [:benefits]) puts(response) components: parameters: API-Version: name: Finch-API-Version in: header required: true schema: type: string default: '2020-09-17' format: date pattern: ([12]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[12]\d|3[01])) description: >- Header used to specify the version for a given API request. Current version is 2020-09-17. schemas: CreateConnectSessionRequest: type: object properties: customer_id: type: string minLength: 1 maxLength: 255 description: Unique identifier for the customer customer_name: type: string minLength: 1 maxLength: 255 description: Name of the customer customer_email: type: string nullable: true format: email description: Email address of the customer products: type: array items: $ref: '#/components/schemas/ConnectProducts' description: >- The Finch products to request access to. Use `benefits` to access deductions endpoints — `deduction` is a deprecated alias that is still accepted but should not be combined with `benefits`. redirect_uri: type: string nullable: true description: The URI to redirect to after the Connect flow is completed minutes_to_expire: type: number nullable: true minimum: 1 maximum: 129600 description: >- The number of minutes until the session expires (defaults to 129,600, which is 90 days) sandbox: type: string nullable: true enum: - finch - provider - null description: Sandbox mode for testing manual: type: boolean nullable: true description: Enable manual authentication mode integration: type: object nullable: true properties: provider: type: string description: The provider to integrate with auth_method: type: string nullable: true enum: - assisted - credential - oauth - api_token - null description: The authentication method to use required: - provider description: Integration configuration for the connect session required: - customer_id - customer_name - products CreateConnectSessionResponse: type: object properties: session_id: type: string description: The unique identifier for the created connect session connect_url: type: string format: uri description: The Connect URL to redirect the user to for authentication required: - session_id - connect_url ConnectProducts: type: string enum: - benefits - company - deduction - directory - documents - employment - individual - payment - pay_statement - ssn securitySchemes: basicAuth: type: http scheme: basic description: Please use base64 encoded client_id:client_secret ````