Get your access token

Before doing any other API calls you have to obtain an auth token. It's a standard JWT token carrying the following payload:


  "iat": 1620967717,
  "exp": 1621054117

Tip: Use this handy website to parse the token contents:

The token lifetime is 4 hours at this time. We might change this value in the future.

Warning! You can't login more than once per second. That's a DOS attack prevention feature.

To be more future-proof it is recommended to parse the token payload and compare current time to the token's expiration time. JavaScript code:

const seconds = JSON.parse(Buffer.from(token.split(".")[1], "base64url")).exp;
if ( >= seconds*1000) {
  // get new token

This login mutation is a subject to change in the future.

Getting a token

  1. After we enable you, go to the playground, click "DOCS" on the right to explore the possibilities.

  2. Find there the login mutation. Execute it to obtain your access token. For example: mutation { login(input: {email: "YOUR_EMAIL" password: "YOUR_PWD"}) {token message} }

  3. Click the "HTTP HEADERS" on the bottom and add this: {"authorization": "Bearer YOUR_TOKEN"}. Replace the YOUR_TOKEN with the token you just got.

  4. Execute any other queries.

Here is an example of the login query.

mutation {
  login(input: { email: "", password: "12345678" }) {

If using GraphQL Playground then click the "HTTP HEADERS" on the bottom left and paste there the following (replace the YOUR_TOKEN with the value you have just received form the above mutation):

  "authorization": "Bearer YOUR_TOKEN"

Last updated