> ## Documentation Index
> Fetch the complete documentation index at: https://docs.getpara.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Session Transfer

> Exporting Para sessions for server-side operations

Learn how to securely transfer session state from your client application to your server for performing operations on behalf of authenticated users.

## Exporting Sessions for Server-Side Operations

Use `waitAndExportSession()` when you need to transfer an authenticated user's session state to your server.

```typescript theme={null}
const serializedSession = await para.waitAndExportSession();

await fetch("/api/import-session", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ session: serializedSession }),
});
```

<Info>
  `waitAndExportSession()` waits until the SDK has reached an authenticated state before exporting session data. Use it for client-to-server handoff flows immediately after login.
</Info>

<Warning>
  By default, the exported session includes signer data so your server can sign for the user. If your server needs to sign messages or transactions, do not use `excludeSigners`.
</Warning>

If the server only needs to validate the user's session and does not need signing capabilities, export without signer data:

```typescript theme={null}
const sessionWithoutSigners = await para.waitAndExportSession({
  excludeSigners: true,
});
```

## Importing Sessions

For cases where you need to import a previously exported session back into a Para client instance:

<MethodDocs
  defaultExpanded={true}
  preventCollapse={true}
  name="importSession()"
  description="Imports session data."
  async={true}
  parameters={[
{
  name: "session",
  type: "string",
  required: true
}
]}
/>

```typescript theme={null}
const para = new Para(apiKey);

await para.importSession(exportedSessionString);

const isActive = await para.isSessionActive();
```

<Note>
  A Para instance can hold one active session at a time. On the server, create a fresh `ParaServer` instance for each imported user session.
</Note>

## Server-Side Implementation

To learn more about handling sessions on the server, check out the following guide:

<Card horizontal title="Server-Side Session Management" imgUrl="/images/v3/general-server.png" href="/v3/server/guides/sessions" description="Learn how to manage Para sessions on your server." />

## Best Practices

* **Export for the operation you need**: Include signer data only when your server will sign for the user.
* **Secure transmission**: Always use HTTPS when transmitting exported sessions to your server. Do not log serialized sessions.
* **Session validation**: Verify the session validity on your server before performing authenticated operations.
