xclade
GraphQL API

Authentication

GraphQL API authentication methods

Authentication

The GraphQL API supports the same authentication methods as the REST API:

Bearer Token Authentication

Include your JWT token in the Authorization header:

POST /graphql
Authorization: Bearer {your-jwt-token}
Content-Type: application/json

Session-Based Authentication

For web applications, session cookies are automatically sent with requests:

POST /graphql
Content-Type: application/json
Cookie: connect.sid=...

Required Headers

For production environments, include the CSRF protection header:

POST /graphql
Content-Type: application/json
Authorization: Bearer {your-jwt-token}
x-graphql-request: true

GraphQL API

Overview of the GraphQL API

GraphQL Playground

Interactive GraphQL development environment

On this page

AuthenticationBearer Token AuthenticationSession-Based AuthenticationRequired Headers