> ## Documentation Index > Fetch the complete documentation index at: https://docs.prelude.so/llms.txt > Use this file to discover all available pages before exploring further. # Migrate a legacy session > Validate a legacy session token via the customer's configured migration hook, create the user if needed, and return a login challenge token. This endpoint requires a migration configuration to be set up for the application. The returned challenge token can be finalized using the [Finalize login](/session/api-reference/frontend/finalize-login) endpoint, just like any other login method. ## OpenAPI ````yaml post /v1/session/migration openapi: 3.1.1 info: title: Prelude Auth Frontend API version: 0.0.1 description: The Prelude Frontend API for Authentication and Session Management contact: email: support@prelude.so servers: - url: https://{appId}.session.prelude.dev description: Production server variables: appId: default: changeme description: The appID security: [] tags: - name: Login OTP description: Login and step-up via OTP (phone or email) - name: Login Email Password description: Login via email and password - name: Login OAuth description: Login via OAuth providers - name: Login Finalize description: Finalize a login flow and create a session - name: Login Migration description: Migrate sessions from a legacy authentication system - name: Session description: Session refresh and revocation - name: Session Management description: Authenticated session and identifier management - name: Step-Up description: Step-up authentication flow - name: Well-Known description: Public key discovery endpoints - name: Password description: Password compliancy and change password paths: /v1/session/migration: post: tags: - Login Migration summary: Migrate a legacy session description: > Validate a legacy session token via the customer's configured migration hook, create the user if needed, and return a login challenge token. This endpoint requires a migration configuration to be set up for the application. The returned challenge token can be finalized using the [Finalize login](/session/api-reference/frontend/finalize-login) endpoint, just like any other login method. operationId: sessionMigration requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/LoginMigrationRequest' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/LoginChallengeTokenResponse' '400': description: Bad Request content: application/json: schema: $ref: '#/components/schemas/BadRequestError' '500': description: Internal Error content: application/json: schema: $ref: '#/components/schemas/InternalError' components: schemas: LoginMigrationRequest: type: object properties: token: type: string description: The legacy session token to validate via the migration hook. examples: - legacy-session-token-abc123 code_challenge: type: string description: PKCE code challenge for the login flow. examples: - E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM dispatch_id: type: string description: The identifier of the dispatch from the front-end SDK. examples: - 123e4567-e89b-12d3-a456-426614174000 required: - token - code_challenge LoginChallengeTokenResponse: type: object properties: challenge_token: type: string examples: - eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9... required: - challenge_token BadRequestError: type: object properties: code: type: string enum: - bad_request type: type: string enum: - bad_request InternalError: type: object properties: code: type: string enum: - internal type: type: string enum: - internal ````