Authenticating to the GraphQL API

The Root Endpoint

REST APIs has numerous endpoints; the GraphQL API has a single endpoint:

The endpoint remains constant no matter what operation you perform.

Because GraphQL operations consist of multiline JSON, we recommend using the Apollo Explorer to make GraphQL calls.

You can also use curl or any other HTTP-speaking library.

In REST, HTTP verbs determine the operation performed. In GraphQL, you'll provide a JSON-encoded body whether you're performing a query or a mutation, so the HTTP verb is POST. The exception is an introspection query, which is a simple GET to the endpoint.

To query GraphQL in a curl command, make a POST request with a JSON payload. The payload must contain a string called query:

curl -H "Authorization: bearer TOKEN" -X POST -d " \
 { \
   \"query\": \"query { viewer { login }}\" \
 } \

Note: The string value of "query" must escape newline characters or the schema will not parse it correctly. For the POST body, use outer double quotes and escaped inner double quotes.

Last updated