diff --git a/api/types/session.go b/api/types/session.go
index 36c8d7be2dd0f..95041041c9d82 100644
--- a/api/types/session.go
+++ b/api/types/session.go
@@ -627,6 +627,8 @@ func (r *NewWebSessionRequest) CheckAndSetDefaults() error {
 
 // NewWebSessionRequest defines a request to create a new user
 // web session
+// TODO (Joerger): Remove this and replace it with lib/auth.NewWebSessionRequest
+// once /e is no longer dependent on this.
 type NewWebSessionRequest struct {
 	// User specifies the user this session is bound to
 	User string
diff --git a/lib/auth/auth.go b/lib/auth/auth.go
index b28d82fbd11a5..1349e5339bffc 100644
--- a/lib/auth/auth.go
+++ b/lib/auth/auth.go
@@ -3837,7 +3837,7 @@ func (a *Server) ExtendWebSession(ctx context.Context, req WebSessionReq, identi
 	}
 
 	sessionTTL := utils.ToTTL(a.clock, expiresAt)
-	sess, err := a.NewWebSession(ctx, types.NewWebSessionRequest{
+	sess, err := a.NewWebSession(ctx, NewWebSessionRequest{
 		User:                 req.User,
 		LoginIP:              identity.LoginIP,
 		Roles:                roles,
@@ -3934,7 +3934,7 @@ func (a *Server) CreateWebSession(ctx context.Context, user string) (types.WebSe
 	if err != nil {
 		return nil, trace.Wrap(err)
 	}
-	session, err := a.CreateWebSessionFromReq(ctx, types.NewWebSessionRequest{
+	session, err := a.CreateWebSessionFromReq(ctx, NewWebSessionRequest{
 		User:      user,
 		Roles:     u.GetRoles(),
 		Traits:    u.GetTraits(),
@@ -4449,7 +4449,7 @@ func (a *Server) GetTokens(ctx context.Context, opts ...services.MarshalOption)
 }
 
 // NewWebSession creates and returns a new web session for the specified request
-func (a *Server) NewWebSession(ctx context.Context, req types.NewWebSessionRequest) (types.WebSession, error) {
+func (a *Server) NewWebSession(ctx context.Context, req NewWebSessionRequest) (types.WebSession, error) {
 	userState, err := a.GetUserOrLoginState(ctx, req.User)
 	if err != nil {
 		return nil, trace.Wrap(err)
diff --git a/lib/auth/auth_test.go b/lib/auth/auth_test.go
index 3c56b983a090d..c6cdcca434be1 100644
--- a/lib/auth/auth_test.go
+++ b/lib/auth/auth_test.go
@@ -2471,7 +2471,7 @@ func TestNewWebSession(t *testing.T) {
 	require.NoError(t, err)
 
 	// Create a new web session.
-	req := types.NewWebSessionRequest{
+	req := NewWebSessionRequest{
 		User:       user.GetName(),
 		Roles:      user.GetRoles(),
 		Traits:     user.GetTraits(),
diff --git a/lib/auth/github.go b/lib/auth/github.go
index 770b8f670b866..ccb06a72892db 100644
--- a/lib/auth/github.go
+++ b/lib/auth/github.go
@@ -734,7 +734,7 @@ func (a *Server) validateGithubAuthCallback(ctx context.Context, diagCtx *SSODia
 
 	// If the request is coming from a browser, create a web session.
 	if req.CreateWebSession {
-		session, err := a.CreateWebSessionFromReq(ctx, types.NewWebSessionRequest{
+		session, err := a.CreateWebSessionFromReq(ctx, NewWebSessionRequest{
 			User:             userState.GetName(),
 			Roles:            userState.GetRoles(),
 			Traits:           userState.GetTraits(),
diff --git a/lib/auth/methods.go b/lib/auth/methods.go
index 7d021df872f3f..97577f37adc75 100644
--- a/lib/auth/methods.go
+++ b/lib/auth/methods.go
@@ -676,7 +676,7 @@ func (a *Server) AuthenticateWebUser(ctx context.Context, req AuthenticateUserRe
 		}
 	}
 
-	sess, err := a.CreateWebSessionFromReq(ctx, types.NewWebSessionRequest{
+	sess, err := a.CreateWebSessionFromReq(ctx, NewWebSessionRequest{
 		User:             user.GetName(),
 		LoginIP:          loginIP,
 		Roles:            user.GetRoles(),
@@ -888,7 +888,7 @@ func (a *Server) emitNoLocalAuthEvent(username string) {
 func (a *Server) createUserWebSession(ctx context.Context, user services.UserState, loginIP string) (types.WebSession, error) {
 	// It's safe to extract the roles and traits directly from services.User as this method
 	// is only used for local accounts.
-	return a.CreateWebSessionFromReq(ctx, types.NewWebSessionRequest{
+	return a.CreateWebSessionFromReq(ctx, NewWebSessionRequest{
 		User:      user.GetName(),
 		LoginIP:   loginIP,
 		Roles:     user.GetRoles(),
diff --git a/lib/auth/sessions.go b/lib/auth/sessions.go
index 415a7c268dee4..e69ca4bd79238 100644
--- a/lib/auth/sessions.go
+++ b/lib/auth/sessions.go
@@ -39,6 +39,10 @@ import (
 	"github.com/gravitational/teleport/lib/utils"
 )
 
+// TODO (Joerger): Replace this alias with the definition of types.NewWebSessionRequest
+// once /e is no longer dependent on types.NewWebSessionRequest.
+type NewWebSessionRequest = types.NewWebSessionRequest
+
 // CreateAppSession creates and inserts a services.WebSession into the
 // backend with the identity of the caller used to generate the certificate.
 // The certificate is used for all access requests, which is where access
@@ -252,7 +256,7 @@ func (a *Server) generateAppToken(ctx context.Context, username string, roles []
 	return token, nil
 }
 
-func (a *Server) CreateWebSessionFromReq(ctx context.Context, req types.NewWebSessionRequest) (types.WebSession, error) {
+func (a *Server) CreateWebSessionFromReq(ctx context.Context, req NewWebSessionRequest) (types.WebSession, error) {
 	session, err := a.NewWebSession(ctx, req)
 	if err != nil {
 		return nil, trace.Wrap(err)