You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Role-based authorization (only admins can access Users API)
- No REST API at all
- Client can get the token from the GraphQL API itself
- Custom error handling to create descriptive error messages
- Custom error handling to create descriptive error messages
### How to use
All the GraphQL API is exposed in `/graphql`. Except for the `getToken` request, all the queries and mutations require a valid token. For all the User-related requests, that token must belong to an ADMIN users.
1. Get an access token (initial user is created with `admin` and `admin` as credentials) by performing a POST request to `/graphql` endpoint with the following GraphQL body:
```graphql
mutation {
getToken(username: "admin", password: "admin")
}
```
2. Run every request with header: `Authorization: Bearer TOKEN`. You can refer to  to check the available queries and mutations.
