> ## Documentation Index
> Fetch the complete documentation index at: https://tbd-6fc993ce-hypeship-docs-website-deploy-hook.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Stream login flow events via SSE

> Establishes a Server-Sent Events (SSE) stream that delivers real-time
login flow state updates. The stream terminates automatically once
the flow reaches a terminal state (SUCCESS, FAILED, EXPIRED, CANCELED).




## OpenAPI

````yaml https://app.stainless.com/api/spec/documented/kernel/openapi.documented.yml get /auth/connections/{id}/events
openapi: 3.1.0
info:
  title: Kernel API
  description: Developer tools and cloud infrastructure for AI agents to use web browsers
  version: 0.1.0
servers:
  - url: https://api.onkernel.com
    description: API Server
security:
  - bearerAuth: []
tags:
  - name: Browsers
    description: Create and manage browser sessions.
  - name: Browser Computer Controls
    description: Control mouse, keyboard, and screen on the browser instance.
  - name: Browser Playwright
    description: Execute Playwright code against the browser instance.
  - name: Browser Filesystem
    description: Read, write, and manage files on the browser instance.
  - name: Browser Processes
    description: Execute and manage processes on the browser instance.
  - name: Browser Replays
    description: Record and manage browser session video replays.
  - name: Browser Logs
    description: Stream logs from the browser instance.
  - name: Browser Telemetry
    description: Stream live telemetry events from a browser session.
  - name: Profiles
    description: Create, list, retrieve, and delete browser profiles.
  - name: Proxies
    description: Create and manage proxy configurations for routing browser traffic.
  - name: Extensions
    description: Create, list, retrieve, and delete browser extensions.
  - name: Browser Pools
    description: Create and manage browser pools for acquiring and releasing browsers.
  - name: Managed Auth
    description: >-
      Create and manage auth connections for automated credential capture and
      login.
  - name: Credentials
    description: Create and manage credentials for authentication.
  - name: Credential Providers
    description: Configure external credential providers like 1Password.
  - name: Apps
    description: List applications and versions.
  - name: Deployments
    description: Create and manage app deployments and stream deployment events.
  - name: Invocations
    description: Invoke actions and stream or query invocation status and events.
  - name: Organization
    description: Read and manage organization-level limits.
  - name: Projects
    description: Create and manage projects for resource isolation within an organization.
  - name: API Keys
    description: Create and manage API keys for organization and project-scoped access.
  - name: Audit Logs
    description: Read audit log records for the authenticated organization.
paths:
  /auth/connections/{id}/events:
    get:
      tags:
        - Managed Auth
      summary: Stream login flow events via SSE
      description: |
        Establishes a Server-Sent Events (SSE) stream that delivers real-time
        login flow state updates. The stream terminates automatically once
        the flow reaches a terminal state (SUCCESS, FAILED, EXPIRED, CANCELED).
      operationId: getAuthConnectionsEventsById
      parameters:
        - name: id
          in: path
          required: true
          description: The auth connection ID to follow.
          schema:
            type: string
      responses:
        '200':
          description: SSE stream of auth connection state updates.
          headers:
            X-SSE-Content-Type:
              description: Media type of SSE data events (always application/json).
              schema:
                type: string
                const: application/json
          content:
            text/event-stream:
              schema:
                $ref: '#/components/schemas/ManagedAuthEvent'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '500':
          $ref: '#/components/responses/InternalError'
      security:
        - bearerAuth: []
      x-codeSamples:
        - lang: JavaScript
          source: |-
            import Kernel from '@onkernel/sdk';

            const client = new Kernel({
              apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted
            });

            const response = await client.auth.connections.follow('id');

            console.log(response);
        - lang: Python
          source: |-
            import os
            from kernel import Kernel

            client = Kernel(
                api_key=os.environ.get("KERNEL_API_KEY"),  # This is the default and can be omitted
            )
            for connection in client.auth.connections.follow(
                "id",
            ):
              print(connection)
        - lang: Go
          source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/kernel/kernel-go-sdk\"\n\t\"github.com/kernel/kernel-go-sdk/option\"\n)\n\nfunc main() {\n\tclient := kernel.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\tstream := client.Auth.Connections.FollowStreaming(context.TODO(), \"id\")\n\tfor stream.Next() {\n\t\tfmt.Printf(\"%+v\\n\", stream.Current())\n\t}\n\terr := stream.Err()\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n}\n"
components:
  schemas:
    ManagedAuthEvent:
      oneOf:
        - $ref: '#/components/schemas/ManagedAuthStateEvent'
        - $ref: '#/components/schemas/ErrorEvent'
        - $ref: '#/components/schemas/SSEHeartbeatEvent'
      discriminator:
        propertyName: event
        mapping:
          managed_auth_state:
            $ref: '#/components/schemas/ManagedAuthStateEvent'
          error:
            $ref: '#/components/schemas/ErrorEvent'
          sse_heartbeat:
            $ref: '#/components/schemas/SSEHeartbeatEvent'
      description: Union type representing any managed auth event.
    ManagedAuthStateEvent:
      type: object
      description: An event representing the current state of a managed auth flow.
      required:
        - event
        - timestamp
        - flow_status
        - flow_step
      properties:
        event:
          type: string
          const: managed_auth_state
          description: Event type identifier (always "managed_auth_state").
        timestamp:
          type: string
          format: date-time
          description: Time the state was reported.
        flow_status:
          type: string
          enum:
            - IN_PROGRESS
            - SUCCESS
            - FAILED
            - EXPIRED
            - CANCELED
          description: Current flow status.
        flow_step:
          type: string
          enum:
            - DISCOVERING
            - AWAITING_INPUT
            - AWAITING_EXTERNAL_ACTION
            - SUBMITTING
            - COMPLETED
          description: Current step in the flow.
        flow_type:
          type: string
          enum:
            - LOGIN
            - REAUTH
          description: Type of the current flow.
        discovered_fields:
          type: array
          description: >-
            Fields awaiting input (present when flow_step=AWAITING_INPUT; may
            also be present with AWAITING_EXTERNAL_ACTION as fallback actions).
          items:
            $ref: '#/components/schemas/DiscoveredField'
        mfa_options:
          type: array
          description: >-
            MFA method options (present when flow_step=AWAITING_INPUT; may also
            be present with AWAITING_EXTERNAL_ACTION as fallback actions).
          items:
            $ref: '#/components/schemas/MFAOption'
        sign_in_options:
          type: array
          description: >-
            Non-MFA choices presented during the auth flow, such as account
            selection or org pickers (present when flow_step=AWAITING_INPUT; may
            also be present with AWAITING_EXTERNAL_ACTION as fallback actions).
          items:
            $ref: '#/components/schemas/SignInOption'
        pending_sso_buttons:
          type: array
          description: >-
            SSO buttons available (present when flow_step=AWAITING_INPUT; may
            also be present with AWAITING_EXTERNAL_ACTION as fallback actions).
          items:
            $ref: '#/components/schemas/SSOButton'
        external_action_message:
          type: string
          description: >-
            Instructions for external action (present when
            flow_step=AWAITING_EXTERNAL_ACTION).
        website_error:
          type: string
          description: >-
            Visible error message from the website (e.g., 'Incorrect password').
            Present when the website displays an error during login.
        error_message:
          type: string
          description: Error message (present when flow_status=FAILED).
        error_code:
          type: string
          description: Machine-readable error code (present when flow_status=FAILED).
        post_login_url:
          type: string
          format: uri
          description: URL where the browser landed after successful login.
        live_view_url:
          type: string
          format: uri
          description: Browser live view URL for debugging.
        hosted_url:
          type: string
          format: uri
          description: URL to redirect user to for hosted login.
    ErrorEvent:
      type: object
      description: An error event from the application.
      required:
        - event
        - timestamp
        - error
      properties:
        event:
          type: string
          const: error
          description: Event type identifier (always "error").
        timestamp:
          type: string
          format: date-time
          description: Time the error occurred.
        error:
          $ref: '#/components/schemas/Error'
    SSEHeartbeatEvent:
      type: object
      description: Heartbeat event sent periodically to keep SSE connection alive.
      required:
        - event
        - timestamp
      properties:
        event:
          type: string
          const: sse_heartbeat
          description: Event type identifier (always "sse_heartbeat").
        timestamp:
          type: string
          format: date-time
          description: Time the heartbeat was sent.
    Error:
      type: object
      required:
        - code
        - message
      properties:
        code:
          type: string
          description: Application-specific error code (machine-readable)
          example: bad_request
        message:
          type: string
          description: Human-readable error description for debugging
          example: 'Missing required field: app_name'
        details:
          type: array
          description: Additional error details (for multiple errors)
          items:
            $ref: '#/components/schemas/ErrorDetail'
        inner_error:
          $ref: '#/components/schemas/ErrorDetail'
    DiscoveredField:
      type: object
      description: A discovered form field
      properties:
        name:
          type: string
          description: Field name
          example: email
        type:
          type: string
          enum:
            - text
            - email
            - password
            - tel
            - number
            - url
            - code
            - totp
          description: Field type
          example: email
        label:
          type: string
          description: Field label
          example: Email address
        placeholder:
          type: string
          description: Field placeholder
          example: you@example.com
        required:
          type: boolean
          description: Whether field is required
          default: true
          example: true
        selector:
          type: string
          description: CSS selector for the field
          example: input#email
        linked_mfa_type:
          $ref: '#/components/schemas/MFAType'
          nullable: true
          description: >-
            If this field is associated with an MFA option, the type of that
            option (e.g., password field linked to "Enter password" option)
        hint:
          type: string
          description: >-
            Contextual help text near the field that tells the user what to
            enter (e.g., "Enter the phone ending in (***) ***-**92")
          example: Enter the phone ending in (***) ***-**92
      required:
        - name
        - type
        - label
        - selector
      additionalProperties: false
    MFAOption:
      type: object
      description: An MFA method option for verification
      properties:
        type:
          $ref: '#/components/schemas/MFAType'
        label:
          type: string
          description: The visible option text
          example: Text me a code
        target:
          type: string
          nullable: true
          description: The masked destination (phone/email) if shown
          example: '***-***-5678'
        description:
          type: string
          nullable: true
          description: Additional instructions from the site
          example: We'll send a 6-digit code to your phone
      required:
        - type
        - label
      additionalProperties: false
    SignInOption:
      type: object
      description: >-
        A non-MFA choice presented during the auth flow (e.g. account selection,
        org picker)
      properties:
        id:
          type: string
          description: Unique identifier for this option (used to submit selection back)
          example: work-account
        label:
          type: string
          description: Display text for the option
          example: Work Account (user@company.com)
        description:
          type: string
          nullable: true
          description: Additional context such as email address or org name
          example: user@company.com
      required:
        - id
        - label
      additionalProperties: false
    SSOButton:
      type: object
      description: An SSO button for signing in with an external identity provider
      properties:
        selector:
          type: string
          description: XPath selector for the button
          example: xpath=//button[contains(text(), 'Continue with Google')]
        provider:
          type: string
          description: Identity provider name
          example: google
        label:
          type: string
          description: Visible button text
          example: Continue with Google
      required:
        - selector
        - provider
        - label
      additionalProperties: false
    ErrorDetail:
      type: object
      properties:
        code:
          type: string
          description: Lower-level error code providing more specific detail
          example: invalid_input
        message:
          type: string
          description: Further detail about the error
          example: Provided version string is not semver compliant
    MFAType:
      type: string
      enum:
        - sms
        - call
        - email
        - totp
        - push
        - password
        - switch
      description: >-
        The MFA delivery method type. Includes 'password' for auth method
        selection pages and 'switch' for generic method-switcher links like "Use
        another method" that do not name a specific method.
      example: sms
  responses:
    Unauthorized:
      description: Unauthorized – missing or invalid authorization token
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: Resource not found
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    InternalError:
      description: Internal Server Error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````