Introduction

PreviousConnecting to the API NextCreating a redirect

Last updated 4 years ago

Introduction

To modify data using the BaseCMS GraphQL API, you must first login and obtain an authentication token. Each mutation to the API will verify your token and ensure that you have the required permission to modify the fields you change.

Logging in

To obtain an access token, send a GraphQL query to the login mutation:

Make sure you send your requests over HTTP/S!

While the BaseCMS API will enforce HTTP/S connections, you must ensure your username, password, and access tokens are not sent initially as plaintext over HTTP. Always verify you are using the https://... url to access the GraphQL API.

If you believe your account credentials have been compromised, please change your password within the Base interface immediately. For assistance contact .

mutation Login($input: UserLoginMutationInput!) {
  login(input: $input) {
    value
    expires
  }
}

{
  "input": {
    "username": "my_user",
    "password": "my_password"
  }
}

X-Tenant-Key: my_tenant_key

{
  "data": {
    "login": {
      "value": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
      "expires": 1583527780000
    }
  }
}

This will return a JSON payload with your access token (data.login.value), and the expiration date when your credentials will no longer be valid. The expiration date is a UNIX timestamp (with milliseconds).

To access protected data or write data to Base using the API, you must include a valid access token with your request. Send this token as a Bearer-type Authorization header with any request that needs to be authenticated.

PreviousConnecting to the API NextCreating a redirect

Last updated 4 years ago