Authentication

Get your access token

Before doing any other API calls you have to obtain an auth token. It's a standard JWT token carrying the following payload:

{
...
"iat": 1620967717,
"exp": 1621054117
}

Tip: Use this handy website to parse the token contents: jwt.io

The token lifetime is 4 hours at this time. We might change this value in the future.

Warning! You can't login more than once per second. That's a DOS attack prevention feature.

To be more future-proof it is recommended to parse the token payload and compare current time to the token's expiration time. JavaScript code:

const seconds = JSON.parse(Buffer.from(token.split(".")[1], "base64url")).exp;
if (Date.now() >= seconds*1000) {
// get new token
}

This mutation is a subject to change in the future.

Getting a token

Here is an example of the login query.

Query
Response
Query
mutation {
login(input: { email: "[email protected]", password: "12345678" }) {
token
message
code
success
}
}
Response
{
"data": {
"login": {
"token": "YOUR_TOKEN",
"message": "OK",
"code": "SUCCESS",
"success": true
}
}
}

If using GraphQL Playground then click the "HTTP HEADERS" on the bottom left and paste there the following (replace the YOUR_TOKEN with the value you have just received form the above mutation):

{
"authorization": "Bearer YOUR_TOKEN"
}