### Answer For handling web calls and managing user information in Vapi, you can leverage several features that allow you to customize and secure your calls, ensuring that you can bill your users accordingly. First, you can utilize the

metadata

field when creating a web call through the Vapi API. This field allows you to include any relevant information about the user or the session that you need for billing purposes. By passing this metadata from the backend, you can keep track of user sessions and details associated with each call [(1)]() . To secure your calls and prevent unauthorized use, consider restricting your public key to your domain and using the Web SDK securely on your client side. You can restrict your public key to only work with specific assistant IDs, thereby disallowing transient assistants. Additionally, signing a JWT in your backend with your Vapi private key, if the user is logged in, and then passing that to the Web SDK provides an additional layer of security. This ensures that only authenticated and authorized calls are made, helping you manage billing and usage effectively [(2)]() . For integrating web calls into your client-side application, Vapi provides a Web SDK that simplifies starting and managing calls directly from the web browsers. The Web SDK allows you to initiate calls using either an assistant ID or an ephemeral assistant configuration. This flexibility means you can initiate calls from the server-side and then seamlessly integrate them into your client-side application [(3)]() [(4)]() . Remember, to effectively manage call information and user details for billing, it's crucial to plan how you will utilize the met

adata and secure your Vapi integration to ensure accurate and efficient billing processes.

Glad I could be helpful. Feel free to create a new thread with any new questions you may have.

here's the doc for the reference: https://docs.vapi.ai/api-reference/calls/create-phone-call