APIs & Services
Authentication
API Authentication
3 min
this guide will teach you how to generate an access token and how to make a request to an altrata graphql api endpoint generating an access token the access token is a string that contains the credentials and permissions used to access a given resource how to generate the access token to generate an access token, you will need to make an http post request to https //api auth altrata com/oauth2/token https //api auth altrata com/oauth2/token in the request, you will need to specify the following { "name" "request access token", "method" "post", "url" "https //api auth altrata com/oauth2/token", "description" "this endpoint allows you to request an altrata access token", "tab" "examples", "examples" { "languages" \[ { "id" "6uh2j 4wpujw7exkxfarr", "language" "curl", "code" "\ncurl x post \\\\\n h \\"content type application/x www form urlencoded\\" \\\\\n h \\"x api key yourapikey\\" \\\\\nhttps //api auth altrata com/oauth2/token?grant type=client credentials \\\\\n u \\"username\ password\\" ", "customlabel" "" }, { "id" "uqfdnccuxhay4k5duuofe", "language" "nodejs", "code" "const request = require('request');\nconst username = 'yourusername';\nconst password = 'yourpassword';\nconst token = buffer from(`${username} ${password}`, 'utf8') tostring('base64');\nconst apikey = 'yourapikeyvalue';\n\nconst options = {\n 'method' 'post',\n 'url' 'https //api auth altrata com/oauth2/token?grant type=client credentials',\n 'headers' {\n 'x api key' apikey,\n 'authorization' `basic ${token}`\n }\n};\n\nrequest(options, function (error, response) {\n if (error) throw new error(error);\n console log(response body);\n});\n", "customlabel" "" } ], "selectedlanguageid" "6uh2j 4wpujw7exkxfarr" }, "results" { "languages" \[ { "id" "plt3ppr98tfwr5yks9xzp", "language" "200", "customlabel" "", "code" "{\n \\"access token\\" \\"youraccesstoken\\",\n \\"expires in\\" 28800,\n \\"token type\\" \\"bearer\\"\n}" } ], "selectedlanguageid" "plt3ppr98tfwr5yks9xzp" }, "request" { "pathparameters" \[], "queryparameters" \[ { "name" "grant type", "kind" "required", "type" "string", "description" "grant type will always be client credentials", "children" \[] } ], "headerparameters" \[ { "name" "x api key", "kind" "required", "type" "string", "description" "enter your api key as the value", "children" \[] }, { "name" "authorization", "kind" "required", "type" "string", "description" "basic auth enter username\ password", "children" \[] } ], "bodydataparameters" \[], "formdataparameters" \[] }, "currentnewparameter" { "label" "header parameter", "value" "headerparameters" } } property parameter value description grant type query 'client credentials" the oauth2 grant type that is used to obtain an access token x api key header yourapikey you will need to enter your assigned api key as the value authorization header username\ password basic auth is used for the authorization if you are making a request via curl, you can supply your username\ password if you are using a backend language/framework such as node js, you will need to ensure that your username and password is base64 encoded when making a request to obtain an access token see the node js example on the right to see how to potentially base64 encode your credentials once you have made a successful request to obtain an access token, you will get back a 200 response code that contains your bearer access token { "access token" "youraccesstoken", "expires in" 28800, "token type" "bearer" } the token is a json web token the expiration time for the tokens is set at 28800 seconds, which is the equivalent of 8 hours once 8 hours has passed, the token will have expired, and you will need to request a new token please note that if you request a new token before the 8 hours have passed on your existing access token, you will be issued with a new token that will terminate your previous token this means that you will not be able to use your previous access tokens to make calls to any altrata api store your access token in a secure location authenticating to use the graphql endpoint now that you have generated an access token, you will need to do the following to access the graphql endpoint if you are unsure of a graphql url for a service(s), please visit the services docid 3rgzmf5uh3ep0bh4snvm0 page that outlines all urls set your http method to a post request set the url to be the graphql endpoint that you wish to request establish include both x api key and authorization headers provide your api key as the value in the x api key header, and set the value bearer and include your access token for the authorization header { "name" "example profile graphql api", "method" "post", "url" "https //profile altrata com/v1/graphiql/", "description" "make a request to profile api", "tab" "examples", "examples" { "languages" \[ { "id" "hxh1 3iolxh gjrsjmubm", "language" "curl", "code" "curl location request post 'https //profile altrata com/v1/graphql' \\\\\n header 'authorization accesstoken' \\\\\n header 'x api key apikey'", "customlabel" "" }, { "id" "vmjoqu8o6fd2j0wdycexs", "language" "nodejs", "code" "const request = require('request');\nconst accesstoken = \\"youraccesstoken\\"\nconst apikey = 'qzax5wocf91vkgcvqvci03klebix2gge5pjzxrup'\nconst options = {\n 'method' 'post',\n 'url' 'https //profile altrata com/v1/graphiql/',\n 'headers' {\n 'x api key' ${apikey},\n 'authorization' 'bearer ${accesstoken}'\n }\n};\nrequest(options, function (error, response) {\n if (error) throw new error(error);\n console log(response body);\n});\n", "customlabel" "" }, { "id" "jufmjnhddx 4n tbuafko", "language" "python", "code" "", "customlabel" "" } ], "selectedlanguageid" "hxh1 3iolxh gjrsjmubm" }, "results" { "languages" \[ { "id" "y2nzttg2b85ap1uqvznfx", "language" "200", "customlabel" "", "code" "{\n // response from the altrata api\n}" } ], "selectedlanguageid" "y2nzttg2b85ap1uqvznfx" }, "request" { "pathparameters" \[], "queryparameters" \[], "headerparameters" \[ { "name" "x api key", "kind" "required", "type" "string", "description" "provide you api key as the value", "children" \[] }, { "name" "authorization", "kind" "required", "type" "string", "description" "`bearer {accesstoken}`", "children" \[] } ], "bodydataparameters" \[ { "name" "body", "kind" "required", "type" "string", "description" "provide constructed graphql query here", "" "provide constructed graphql query here" } ], "formdataparameters" \[] }, "currentnewparameter" { "label" "body parameter", "value" "bodydataparameters" } }
Updated 10 Sep 2025
Did this page help you?