User API Token
Before accessing DRIVR a user needs to authenticate. Using the DRIVR UI or the accessing the API via browser, the user can authenticate using the username and password. To access the API programmatically, the user needs to create an API token in DRIVR or use an ApplicationConsumer to authenticate.
This document describes how to create a user API token and use it to authenticate requests to the DRIVR API.
It is passed as a Basic token in the Authorization
header of the HTTP request.
Request a new API token via the DRIVR GraphQL API:
mutation {
createUserApiToken(name: "myapitoken") {
value
}
}
Response
{
"data": {
"createUserApiToken": {
"value": "Tk8gVEhJUyBJUyBOT1QgQSBWQUxJRCBUT0tFTgo="
}
}
}
You can also create an API token which expires after a certain time by providing the expiresAt
parameter:
mutation {
createUserApiToken(name : "myapitoken", expiresAt: "2022-12-31T23:59:59Z") {
value
expiresAt
}
}
Beware that the token value will only be visible once you create the token and cannot be retrieved afterward. Make sure to store it securely.
To query the API with a user API token, you need to pass the token in the Authorization
header of the HTTP request.
Assuming you have created a user API token and received the value Tk8gVEhJUyBJUyBOT1QgQSBWQUxJRCBUT0tFTgo=
, you can query the API as follows:
curl -X POST https://yourdomain.api.drivr.com/graphql \
-H "Authorization : Basic Tk8gVEhJUyBJUyBOT1QgQSBWQUxJRCBUT0tFTgo=" \
-d '{"query": "query { currentDomain { uuid } }"}'