How to update a Phantom’s session cookie via API

Sophie
Sophie This badge shows you’re hearing straight from the source! Team members are here to share insider tips, answer questions, and guide you through PhantomBuster with expert knowledge. They’re dedicated to helping you succeed and making sure your automation journey feels easy and exciting. PhantomBuster Official
  • Updated

To permanently update a Phantom's session cookie via the PhantomBuster API, send a POST request to the /agents/save endpoint with the Phantom's Agent ID and the full argument JSON containing the new sessionCookie value. For LinkedIn Phantoms, include the matching userAgent from the same browser session. The update is permanent: all future launches use the new cookie.

Before you start

Before updating a Phantom’s session cookie via API, make sure:

  • You have a valid PhantomBuster API key.
    → If you don't have one, see Create an API key. API keys can only be created by Workspace admins, if you don't see the Add API key button, check with your admin.
  • You know the Agent ID of the Phantom you want to update.
  • You have a valid session cookie.
  • For LinkedIn Phantoms only:
    • You also have the matching user agent from the same browser session.

→ If any of these are missing, start with How to Get Started with the PhantomBuster API and How Account Connections Work in PhantomBuster.

How to get a valid session cookie

Before calling the API, you need the exact session cookie value (and user agent when required).

Option 1: Refresh or change the account in PhantomBuster

Use this option if your session cookie expired, or you want the Phantom to run with a different account.

  1. Open the Phantom in your PhantomBuster Dashboard, and access its setup.
  2. Go to the account connection step (for example: Connect to LinkedIn).
  3. Connect or reconnect the account using the PhantomBuster browser extension
    PhantomBuster Phantom setup account connection step showing how to connect with the browser extension
  4. Click Save to store the new connection.
  5. Open the three-dot menu and switch to JSON view.
    PhantomBuster Phantom setup three-dot menu showing the Switch to JSON option
  6. Copy the entire argument object, which now includes the updated sessionCookie and userAgent (for LinkedIn Phantoms).
    PhantomBuster Phantom setup JSON view showing the full argument object with sessionCookie and userAgent

This guarantees the values are:

  • Valid
  • Properly formatted
  • Matched to each other for LinkedIn Phantoms (cookie + user agent)

Option 2: Get the session cookie manually

Use this option only if you can’t use the PhantomBuster browser extension.

In this case, you’ll need to:

  • Get the session cookie directly from the platform.
  • Get the matching user agent (for LinkedIn Phantoms).
  • Paste those values into the Phantom’s setup, then copy the updated argument JSON for your API request.

We don’t cover the manual retrieval steps here. Follow the dedicated guides instead:

Update the Phantom’s session cookie via the API reference

Step 1: Open the update endpoint

  1. Open the PhantomBuster API reference.
  2. In the left menu, go to:
    PhantomBuster API v2 → Agents → POST /agents/save
    → This endpoint is used to create or update a Phantom’s configuration.
    PhantomBuster API reference showing the POST /agents/save endpoint

Step 2: Add your API key

  1. In the top-right corner, locate the Credentials section.
  2. In the Header, where you see X-Phantombuster-Key, paste your API key.
PhantomBuster API reference Credentials section showing the X-Phantombuster-Key field

Step 3: Prepare the update payload

In the Body params section:

  • id

    → Paste the Agent ID of the Phantom you want to update.
    PhantomBuster API reference /agents/save Body params showing the id field for the Agent ID

  • argument → String:

    → Paste the full argument JSON copied from the Phantom’s JSON view, including the updated sessionCookie and userAgent (LinkedIn Phantoms only).
    PhantomBuster API reference /agents/save showing the argument String field with the full JSON

Step 4: Send the request

  • Click Try it.
PhantomBuster API reference response showing a 200 status after updating the Phantom

If the request is successful:

  • The API returns a 200 status.
  • The Phantom’s configuration is updated.

What happens after the update

  • The new session cookie is saved permanently.
  • All future launches (manual and API) use the new account.
  • No additional changes are required when launching the Phantom.

If the cookie expires again, you can repeat the same process.

Frequently asked questions

Does this change the cookie for one launch or permanently?

Permanently. After the update, all future launches (both manual and API) use the new session cookie. If you only need a temporary change for one launch, use bonusArgument instead.

Do I need a user agent along with the session cookie?

Only for LinkedIn and Sales Navigator Phantoms. The user agent must come from the same browser session as the cookie. For other platforms, the session cookie alone is enough.

What's the easiest way to get a valid cookie and user agent?

Use the PhantomBuster browser extension to connect or reconnect the account in the Phantom's setup, then copy the full argument JSON from the JSON view.

What happens when the cookie expires again?

Repeat the same process: get a fresh cookie, update the argument JSON, and send the request to /agents/save again.

Was this article helpful?

0 out of 1 found this helpful