GraphQL

About GraphQL

What is GraphQL? https://graphql.org
ZEMTU’s GraphQL APIs largely stick to the Relay specifications: https://facebook.github.io/relay/graphql/connections.htm

Authentication

For client-server communication we suggest using JWTAuthentication with the user’s username and password combination. For machine-to-machine communication TokenAuthentication is the best fit.

GraphQL mutation tokenAuth with user credentials to create a long-living token. The token is valid for 14 days. After that a renewed call to tokenAuth is needed.

Now in order to access protected API you must include the Authorization HTTP header: POST / HTTP/1.1 Host: domake.io Authorization: JWT eyJ0eXAiOiJKV1QiLCJh... Content-Type: application/json;

References

https://django-graphql-jwt.domake.io/en/stable/index.html
https://jwt.io

The token key must be included in the Authorization HTTP header. The key should be prefixed by the string literal Token, with whitespace separating the two strings. For example:

Authorization: Token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b

There are several possibilities to obtain the token:

Read token from admin interface (only for users with org admin role): You can obtain the AuthToken for a user here: https://devcarsharing.zemtu.com/admin/authtoken/token/
Get direct access to token: E.g. you get the token via secure email from an organization administrator.

References

http://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication

Reservation API

https://devcarsharing.zemtu.com/graphql

Management API

https://devcarsharing.zemtu.com/graphql

PreviousREST NextUmbrella feature

Last updated 5 years ago