The GraphQL API uses OAuth2. To get access to the API you will need to supply a bearer token. You can make a GraphQL request to the API end point to retrieve an access token that will be valid for one hour from the point of issue.
Here is an example:
mutation signIn {
signIn(useManagementflow: true, credentials: {
userName: "xxxx",
password: "yyyy"
}
)
{
accessToken
refreshToken
}
}Where xxxx is the email address you use when you log in and yyyy is your password.
Note: "useManagementflow" must be specified and must be set to true unless advised otherwise by Red Flag Alert technical support.
If you run this in the IDE, you will see an access token is returned along with a refresh token. For guidance on accessing the GraphQL API with a browser, click here.
It is also possible to use a command line tool such as “curl” to generate an access token. Here is an example:
curl -s --location \
'https://azp-primary-api.azurewebsites.net/graphql/' \
--header 'Content-Type: application/json' \
--data '{"query":"mutation signIn {signIn(useManagementflow: true, credentials: { userName: \"xxxx\", password: \"yyyy\" }) {accessToken refreshToken}}","variables":{}}'
And here is an example in Python:
import requests
import json
username="XXXX"
password="YYYY"
data = '{"query": "mutation signIn {signIn(useManagementflow: true, credentials: {userName: \\"%s\\", password: \\"%s\\"}) {accessToken refreshToken}}"}' %(username,password)
header = {
'Content-Type': 'application/json',
'Accept': '*/*'
}
a = requests.post('https://azp-primary-api.azurewebsites.net/graphql/',
headers=header, data=data)
res = json.loads(a.text)
access_token = res["data"]["signIn"]["accessToken"]
print(access_token)
Note: In both these cases, the GraphQL query has been encoded in JSON format before being POSTed to the API endpoint. For guidance on encoding GraphQL queries in JSON format, click here.
The access token can then be used by including in an 'Authorisation' header for any subsequent http POST request. For more information on passing an authorisation header, click here.
An hour after being issued, the access token will expire.You can refresh the access token by passing the returned refreshToken to the signInRefresh mutation like this:
mutation signInRefresh {
signInRefresh(useManagementflow: true, credentials:{
refreshToken:"zzzz"
}){
accessToken
refreshToken
}
}Where "zzzz" is the refreshToken returned from the signIn mutation. This will return a new accessToken which you can then continue to use for another hour.
If you have any further queries please get in touch with your account manager. If you do not know who your account manager is, please submit a ticket using this link.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article