Sessions, Profiles & Authentication

Table of Contents

• Sessions
• Profiles
• Profile Sync
• Authentication Strategies
• 1Password Integration
• Social Media Automation

Sessions

Sessions are stateful browser environments. Each has one browser, runs agents sequentially.

Auto-Created Sessions

Most tasks auto-create a session:

result = await client.run("Find top HN post")  # Session auto-created

Manual Sessions

For multi-step workflows or custom config:

session = await client.sessions.create(
    profile_id="uuid",           # Persistent profile
    proxy_country_code="us",     # Residential proxy
    start_url="https://example.com",
)

# Run multiple tasks in same session
await client.run("First task", session_id=session.id)
await client.run("Follow-up task", session_id=session.id)

# Get live URL for monitoring
session_info = await client.sessions.get(session.id)
print(session_info.live_url)  # Watch agent in real-time

await client.sessions.stop(session.id)

Live View & Sharing

Every session has a liveUrl for real-time monitoring. Create public share links:

share = await client.sessions.create_share(session.id)
print(share.share_url)  # Anyone with link can view

Profiles

Profiles persist browser state (cookies, localStorage, passwords) across sessions.

CRUD

# Create
profile = await client.profiles.create(name="my-profile")

# List
profiles = await client.profiles.list()

# Update
await client.profiles.update(profile.id, name="new-name")

# Delete
await client.profiles.delete(profile.id)

Usage Patterns

• Per-user: One profile per end-user for personalized sessions
• Per-site: One profile per website (e.g., "github-profile", "gmail-profile")
• Warm-up: Login once, reuse across all future tasks

Important:

• Profile state saved when session ends — always call sessions.stop()
• Concurrent sessions read from snapshot at start — won't see each other's changes
• Refresh profiles older than 7 days

Profile Sync

Upload local browser cookies to cloud profiles:

export BROWSER_USE_API_KEY=your_key
curl -fsSL https://browser-use.com/profile.sh | sh

Opens a browser where you log into sites. Returns a profile_id to use in tasks.

Authentication Strategies

1. Profile Sync (Easiest)

Log in locally, sync cookies to cloud:

curl -fsSL https://browser-use.com/profile.sh | sh

2. Secrets (Domain-Scoped)

Pass credentials as key-value pairs, scoped to domains:

result = await client.run(
    task="Login and check dashboard",
    secrets={
        "username": "my-user",
        "password": "my-pass",
    },
    allowed_domains=["*.example.com"],
)

Supports wildcards and multiple domains for OAuth/SSO flows.

3. Profiles + Secrets (Combined)

Use profile for cookies (skip login flow) with secrets as fallback:

session = await client.sessions.create(profile_id="uuid")
await client.run(
    task="Check dashboard",
    session_id=session.id,
    secrets={"password": "backup-pass"},
)
await client.sessions.stop(session.id)  # Save profile state

1Password Integration

Auto-fill passwords and TOTP/2FA codes from 1Password vault:

Setup

1. Create a dedicated vault in 1Password
2. Create a service account with vault access
3. Connect to Browser Use Cloud (settings page)
4. Use op_vault_id param in tasks

result = await client.run(
    task="Login to GitHub",
    op_vault_id="vault-uuid",
    allowed_domains=["*.github.com"],
)

Credentials never appear in logs — filled programmatically by 1Password.

Social Media Automation

Anti-bot detection requires consistent fingerprint + IP + cookies:

Setup

1. Create blank profile
2. Open session with profile + proxy → manually log in via liveUrl
3. Stop session (saves profile state)

Ongoing

• Always use same profile + same proxy country
• Refresh profiles older than 7 days

session = await client.sessions.create(
    profile_id="social-profile-uuid",
    proxy_country_code="us",  # Always same country
)
await client.run("Post update to Twitter", session_id=session.id)
await client.sessions.stop(session.id)