Getting a Bearer Token

The GraphQL API uses OAuth2

To get access to the API you will need to supply a bearer token. You can make a GraphQL request to the API end point to retrieve an access token that will be valid for one hour from the point of issue.

Here is an example:

mutation signIn {
signIn(useManagementflow: true, credentials: {
    userName: "xxxx",
    password: "yyyy"
    }
)
{
  accessToken
refreshToken
}
}

Where xxxx is the email address you use when you log in and yyyy is your password.

Note:  "useManagementflow" must be specified and must be set to true unless advised otherwise by Red Flag Alert technical support.

If you run this in the IDE (see Accessing the GraphQL API with a Browser) you will see an access token is returned along with a refresh token.

It is also possible to use a command line tool such as “curl” to generate an access token. Here is an example:

curl -s --location \
'https://azp-primary-api.azurewebsites.net/graphql/' \
--header 'Content-Type: application/json' \
--data '{"query":"mutation signIn {signIn(useManagementflow: true, credentials: { userName: \"xxxx\", password: \"yyyy\" }) {accessToken refreshToken}}","variables":{}}'

And here is an example in Python:

import requests
import json
username="XXXX"
password="YYYY"
data = '{"query": "mutation signIn {signIn(useManagementflow: true, credentials: {userName: \\"%s\\", password: \\"%s\\"}) {accessToken refreshToken}}"}' %(username,password)
header = {
'Content-Type': 'application/json',
'Accept': '*/*'
}
a = requests.post('https://azp-primary-api.azurewebsites.net/graphql/',
headers=header, data=data)
res = json.loads(a.text)
access_token = res["data"]["signIn"]["accessToken"]
print(access_token)

Note: In both these cases the GraphQL query has been encoded in JSON format before being POSTed to the API endpoint - see Accessing the GraphQL Programmatically for more information on encoding GraphQL queries in JSON format.

The access token can then be used by including in an "Authorisation" header for any subsequent http POST request. See Accessing the GraphQL API Programmatically for more information on passing an authorisation header.

An hour after being issued, the access token will expire.You can refresh the access token by passing the returned refreshToken to the signInRefresh mutation like this:

mutation signInRefresh {
signInRefresh(useManagementflow: true, credentials:{
refreshToken:"zzzz"
}){
accessToken
refreshToken
}
}

Where "zzzz" is the refreshToken returned from the signIn mutation. This will return a new accessToken which you can then continue to use for another hour.

If you have any further questions, please reach out to our Support Team via Contact Us.