diff --git a/src/applications/auth/controller/PhabricatorAuthController.php b/src/applications/auth/controller/PhabricatorAuthController.php
index a6803ac9b1..d4b63c4238 100644
--- a/src/applications/auth/controller/PhabricatorAuthController.php
+++ b/src/applications/auth/controller/PhabricatorAuthController.php
@@ -65,7 +65,7 @@ abstract class PhabricatorAuthController extends PhabricatorController {
   protected function loginUser(PhabricatorUser $user) {
 
     $response = $this->buildLoginValidateResponse($user);
-    $session_type = 'web';
+    $session_type = PhabricatorAuthSession::TYPE_WEB;
 
     $event_type = PhabricatorEventType::TYPE_AUTH_WILLLOGINUSER;
     $event_data = array(
diff --git a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
index 17865a7c39..7735db3fa1 100644
--- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
+++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
@@ -36,7 +36,8 @@ final class PhabricatorAuthSessionEngine extends Phobject {
    * You can configure the maximum number of concurrent sessions for various
    * session types in the Phabricator configuration.
    *
-   * @param   string  Session type, like "web".
+   * @param   const   Session type constant (see
+   *                  @{class:PhabricatorAuthSession}).
    * @param   phid    Identity to establish a session for, usually a user PHID.
    * @return  string  Newly generated session key.
    */
@@ -56,10 +57,10 @@ final class PhabricatorAuthSessionEngine extends Phobject {
 
     $session_limit = 1;
     switch ($session_type) {
-      case 'web':
+      case PhabricatorAuthSession::TYPE_WEB:
         $session_limit = PhabricatorEnv::getEnvConfig('auth.sessions.web');
         break;
-      case 'conduit':
+      case PhabricatorAuthSession::TYPE_CONDUIT:
         $session_limit = PhabricatorEnv::getEnvConfig('auth.sessions.conduit');
         break;
       default:
diff --git a/src/applications/auth/storage/PhabricatorAuthSession.php b/src/applications/auth/storage/PhabricatorAuthSession.php
index 3045848764..1006238d4d 100644
--- a/src/applications/auth/storage/PhabricatorAuthSession.php
+++ b/src/applications/auth/storage/PhabricatorAuthSession.php
@@ -3,6 +3,9 @@
 final class PhabricatorAuthSession extends PhabricatorAuthDAO
   implements PhabricatorPolicyInterface {
 
+  const TYPE_WEB      = 'web';
+  const TYPE_CONDUIT  = 'conduit';
+
   protected $userPHID;
   protected $type;
   protected $sessionKey;
diff --git a/src/applications/base/controller/PhabricatorController.php b/src/applications/base/controller/PhabricatorController.php
index 8995e43cd9..5bdf7fd8af 100644
--- a/src/applications/base/controller/PhabricatorController.php
+++ b/src/applications/base/controller/PhabricatorController.php
@@ -38,7 +38,7 @@ abstract class PhabricatorController extends AphrontController {
       $phsid = $request->getCookie('phsid');
       if ($phsid) {
         $session_user = id(new PhabricatorAuthSessionEngine())
-          ->loadUserForSession('web', $phsid);
+          ->loadUserForSession(PhabricatorAuthSession::TYPE_WEB, $phsid);
         if ($session_user) {
           $user = $session_user;
         }
diff --git a/src/applications/conduit/controller/PhabricatorConduitAPIController.php b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
index 21eeeb0b9b..997a2ac857 100644
--- a/src/applications/conduit/controller/PhabricatorConduitAPIController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
@@ -280,7 +280,7 @@ final class PhabricatorConduitAPIController
     }
 
     $user = id(new PhabricatorAuthSessionEngine())
-      ->loadUserForSession('conduit', $session_key);
+      ->loadUserForSession(PhabricatorAuthSession::TYPE_CONDUIT, $session_key);
 
     if (!$user) {
       return array(
diff --git a/src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php b/src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
index 75252a2114..0995f2748f 100644
--- a/src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
+++ b/src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
@@ -143,7 +143,9 @@ final class ConduitAPI_conduit_connect_Method extends ConduitAPIMethod {
         throw new ConduitException('ERR-INVALID-CERTIFICATE');
       }
       $session_key = id(new PhabricatorAuthSessionEngine())
-        ->establishSession('conduit', $user->getPHID());
+        ->establishSession(
+          PhabricatorAuthSession::TYPE_CONDUIT,
+          $user->getPHID());
     } else {
       throw new ConduitException('ERR-NO-CERTIFICATE');
     }
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php b/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
index 60ab25a730..4645c04d56 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
@@ -37,7 +37,7 @@ final class PhabricatorSettingsPanelConduit
       $sessions = id(new PhabricatorAuthSessionQuery())
         ->setViewer($user)
         ->withIdentityPHIDs(array($user->getPHID()))
-        ->withSessionTypes(array('conduit'))
+        ->withSessionTypes(array(PhabricatorAuthSession::TYPE_CONDUIT))
         ->execute();
       foreach ($sessions as $session) {
         $session->delete();