Description: ID of an environment to attach to the session. When set, the browser loads the environment’s saved cookies, local storage, extensions, and other browser data before starting the task. Files stored in the environment are also available to the session. This maintains consistent browser state (e.g., login sessions) and persistent file access across multiple sessions.
Example:
{ "environmentId": "683a1f2e4b0c1d2e3f4a5b6c", "mode": "default", "task": { "prompt": "Go to amazon.com and check my orders" }}
Use profiles to skip login steps. Log in once with a profile attached, then reuse that profile for future sessions — the saved cookies keep you authenticated.
Description: ID of an automation policy to enforce during the session. When set, every agent action is evaluated against the policy’s rules before execution. Actions can be allowed, blocked, or paused for human approval depending on the matching rule. Policies cover domain restrictions, keyword filters, action types, URL patterns, and sensitive data detection.
Example:
{ "environmentId": "683a1f2e4b0c1d2e3f4a5b6c", "policyId": "pol_xyz789", "mode": "default", "task": { "prompt": "Extract the latest invoice from the vendor portal", "startingUrl": "https://vendor.example.com" }}
policyId is a top-level session parameter, alongside environmentId and proxy. A session can have a policy, an environment, both, or neither. See Automation Policies for details.
Description: Proxy configuration for the session. Routes all browser traffic through the specified proxy server. The proxy is applied at the device level, ensuring no IP leakage. Adds 2-3 seconds of cold-start latency per session.
Two proxy sources are available:
Source
Description
Cost
WebRun
WebRun assigns a residential proxy from its pool
$4 per GB
custom
Bring your own HTTP or SOCKS proxy
No additional charge
WebRun Proxy Fields:
Field
Type
Required
Description
source
string
Yes
"WebRun"
country
string
Yes
ISO 3166-1 alpha-2 country code (e.g. "US", "GB", "DE") or "random"
level
string
No
Proxy level: "system" or "chrome". When omitted, routed to the best available connection that matches the country. system applies the proxy at the system level (no IP leakage, slower cold start). chrome applies the proxy to Chrome directly (faster cold start, may leak IP in edge cases like WebRTC).
Custom Proxy Fields:
Field
Type
Required
Description
source
string
Yes
"custom"
type
string
Yes
"http" or "socks"
host
string
Yes
Proxy server hostname or IP
port
string
Yes
Proxy server port
username
string
No
Authentication username
password
string
No
Authentication password
level
string
No
Proxy level: "system" or "chrome". When omitted, routed to the best available connection. See WebRun proxy fields for details.
The proxy field is a top-level session parameter, alongside environmentId. It is not nested inside task. The proxy applies to the entire session — all tasks within the session use the same proxy.
Type:string — one of "off", "guardrail_only", "full"
Required: No
Default:"guardrail_only"
Description: Controls whether the chat-connected user (Telegram, WhatsApp, Slack, Discord, Teams) on the session’s environment receives proactive messages from this session. The chat user is only contacted when no client is actively watching the session (no polling or WebSocket subscriber). This is a top-level session parameter and applies for the lifetime of the session.
Allowed values:
Value
Behavior
"off"
No proactive messages — guardrails and results stay on the API/WebSocket channel only.
"guardrail_only"
Bot pings the chat user only when the session hits a guardrail (CAPTCHA, 2FA, verification, login, etc.). This is the default.
"full"
Bot pings on guardrails and on task_completed with the task result delivered to chat.
Validation: Invalid values return 400 Bad Request with the error message reachOutMode must be one of: off, guardrail_only, full.Example:
Description: Array of secret entries to provide credentials for websites the agent visits. Secrets are matched by domain pattern so the agent uses the right credentials for each site.
Secret Entry Structure:
Field
Type
Required
Description
match
string
Yes
Domain pattern to match (e.g. *.salesforce.com) or all to match every site
fields
object
Yes
Key-value pairs of credential fields (e.g. email, password, apiKey)
Secrets are never stored in a database or persisted anywhere. They are only attached to the active session and immediately discarded once the session is destroyed. Secrets are never included in task output or webhook payloads.
See Secrets guide for matching rules, custom fields, and best practices.
Description: Array of file IDs (returned from POST /files/upload) to attach to a task. The agent can use these files during browser automation — for example, uploading a document to a website form. This is a task-level parameter — place it alongside prompt.
Example with /start/run-task:
{ "prompt": "Upload this document to the submission form", "startingUrl": "https://example.com/upload", "files": ["abc123...", "def456..."]}
Example with /start/start-session:
{ "mode": "default", "task": { "prompt": "Upload the attached file to the portal", "startingUrl": "https://example.com/portal", "files": ["abc123..."] }}
{ "type": "CLICK", // or "DOUBLE_CLICK" "x": 500, "y": 300}
Parameters:
x (number): Horizontal coordinate (0-1024)
y (number): Vertical coordinate (155-600, accounting for browser chrome)
Coordinate System: The browser viewport is 1024×600 pixels. The top 155 pixels are browser chrome (not clickable). Clickable area is 1024×445 pixels starting at Y=155.
The usage object provides token and cost information:
{ inputTokens: number; // Number of input tokens used outputTokens: number; // Number of output tokens generated computeTime: number; // Compute time in seconds cost: number; // Cost in USD}
