
Authentication (GraphQL)

Info: If you have been provided a client_id instead of a username and password, you must use this method to authenticate instead.

There are two authentication-related mutations, createAuthToken and refreshToken:

type Mutation {
  createAuthToken(email: String, password: String): AuthToken
  refreshToken(refreshToken: String): String
  # ...
}

Log in

To perform initial authentication, use createAuthToken, which accepts the user email and password as arguments and returns an AuthToken object.

type AuthToken {
  token: String!
  refreshToken: String
  expires: Float!
}

Subsequent requests to protected endpoints must include the Authorization header in the following format:

Authorization: JWT [token]

Example

curl -X POST \
  https://api.cirruscrm.io/graphql \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "mutation { createAuthToken(email: \"user@example.com\", password: \"password\") { token refreshToken expires } }"
  }'

After that, later requests should include the Authorization header, for example when fetching activities:

curl -X POST \
  https://api.cirruscrm.io/graphql \
  -H 'Authorization: JWT [token]' \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "query { activities { edges { node { id description } } } }"
  }'

Refreshing credentials

The createAuthToken response object contains a timestamp with the expiration date of the token. To continue querying the API after this point without having to log in again, you may use the included refresh token. Keep in mind that the refresh token is valid indefinitely, so it is critical to keep it safe.

You may get a new token with the refreshToken mutation:

refreshToken(refreshToken: String): String

Note: refreshToken only returns a new token. The same refresh token retrieved through createAuthToken will remain valid indefinitely.
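
The login and refresh flow above as a Python client, added here as an example and not taken from the API's own documentation or code. The names Session, http_post and jwt_exp are hypothetical. It assumes that expires is a Unix timestamp, that the token is a standard JWT carrying an exp claim (refreshToken returns only the token string, so no other expiry is available), and that refreshToken can be called without an Authorization header.

```python
import base64, json, time, urllib.request

URL = "https://api.cirruscrm.io/graphql"  # endpoint from the curl examples above
# Credentials travel as GraphQL variables, never spliced into the query string.
LOGIN = ("mutation($e: String, $p: String) { createAuthToken(email: $e, password: $p)"
         " { token refreshToken expires } }")
REFRESH = "mutation($r: String) { refreshToken(refreshToken: $r) }"

def http_post(body, headers):
    """Default transport: POST the JSON body and return the decoded JSON reply."""
    req = urllib.request.Request(URL, json.dumps(body).encode(),
                                 {"Content-Type": "application/json", **headers})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def jwt_exp(token):
    """Unverified `exp` claim; assumes the token is a standard three-part JWT."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return float(json.loads(base64.urlsafe_b64decode(payload))["exp"])

class Session:
    def __init__(self, post=http_post, clock=time.time, skew=30):
        self.post, self.clock, self.skew = post, clock, skew
        self.token = self.refresh_token = None
        self.expires = 0.0

    def _call(self, query, variables, auth=False):
        headers = {"Authorization": "JWT " + self.token} if auth else {}
        reply = self.post({"query": query, "variables": variables}, headers)
        if reply.get("errors"):
            raise RuntimeError("GraphQL request failed")  # no secrets in the message
        return reply["data"]

    def login(self, email, password):
        tok = self._call(LOGIN, {"e": email, "p": password})["createAuthToken"]
        if not tok:
            raise RuntimeError("login rejected")
        self.token, self.refresh_token = tok["token"], tok["refreshToken"]
        exp = tok["expires"]  # assumption: Unix time; very large values read as ms
        self.expires = exp / 1000 if exp > 1e11 else exp

    def query(self, query, variables=None):
        if self.clock() >= self.expires - self.skew:  # expired or about to expire
            # Assumption: refreshToken is callable without an Authorization header.
            self.token = self._call(REFRESH, {"r": self.refresh_token})["refreshToken"]
            self.expires = jwt_exp(self.token)
        return self._call(query, variables or {}, auth=True)
```

Because the refresh token never expires, keep the Session's refresh_token in a secrets store or OS keychain rather than in source files, shell history or logs.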