# Create session

Creates a new face authentication session that will provide a secure context to the process. It returns a device session ID that will be used when initiating the authentication process from the client side. This should be called from the backend.

Endpoint: POST /api/v1/face-auth
Security: verify_access_token

## Request fields (application/json):

  - `reference` (any, required)

  - `use_case` (string)
    Use case for the face authentication flow. Will be used in the future for per use case configurations.
    Enum: "login", "credentials-recovery", "step-up"

## Response 200 fields (application/json):

  - `session_id` (string, required)
    Identifier for the created session

  - `device_session_id` (string, required)
    Identifier for the created device session (also referred to as DSID). This must be used by the client when initiating the face authentication session in order to bind the device to the session.