# Authentication
GraphQL Endpoint (opens new window)
# Register
POST /graphql
Request Body
{
"operationName": "CreateUser",
"variables": {
"client": "WEB",
"user": {
"firstname": "John",
"lastname": "Doe",
"email": "johndoe@example.com",
"password": "Password123",
"newsletter": false
}
},
"query": "mutation CreateUser($user: UserInput!, $client: Client!) {\n CreatedUserResponse: createUser(user: $user, client: $client) {\n __typename\n ... on CreateUserResponse {\n message\n user {\n __typename\n userId\n email\n }\n __typename\n }\n ... on CreateUserError {\n message\n state\n __typename\n }\n }\n}\n"
}
{
"data": {
"CreatedUserResponse": {
"__typename": "CreateUserResponse",
"message": "User Created",
"user": {
"__typename": "User",
"userId": "johndoe@example.com",
"email": "johndoe@example.com"
}
}
},
"extensions": {
"tracing": {
"version": 1,
"startTime": "2021-05-31T09:13:41.453Z",
"endTime": "2021-05-31T09:13:49.212Z",
"duration": 7765428114,
"execution": {
"resolvers": []
}
}
}
}
# API Login
POST /customer/login
Request Body
{
"username": "johndoe@example.com",
"password": "Password123"
}
{ "sessionId": "f43d66615a1945781d826e036d43848b" }
# Middleware Login
POST /graphql
Request Body
{
"operationName": "Login",
"variables": {
"client": "WEB",
"username": "johndoe@example.com",
"password": "Password123"
},
"query": "mutation Login($username: String!, $password: String!, $client: Client!) {\n LoginUnion: login(username: $username, password: $password, client: $client) {\n __typename\n ... on User {\n __typename\n userId\n email\n }\n ... on LoginError {\n message\n reason\n __typename\n }\n }\n}\n"
}
{
"data": {
"LoginUnion": {
"__typename": "User",
"userId": "johndoe@example.com",
"email": "johndoe@example.com"
}
},
"extensions": {
"tracing": {
"version": 1,
"startTime": "2021-05-31T09:31:21.567Z",
"endTime": "2021-05-31T09:31:22.635Z",
"duration": 1067795086,
"execution": {
"resolvers": []
}
}
}
}
# Middleware Token Exchange
The authCookie variable is the sessionId from the API Login call.
POST /graphql
Request Body
{
"operationName": "tokenExchange",
"variables": {
"authCookie": "f43d66615a1945781d826e036d43848b"
},
"query": "mutation tokenExchange($authCookie: String!) {\n tokenExchange(sessionId: $authCookie) {\n ... on TokenResponse {\n accessToken\n __typename\n }\n __typename\n }\n}\n"
}
{
"data": {
"tokenExchange": {
"accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJjUjNaaVlIUkNSQy1NajM3UC1GdFgxeFVMTWFNX25JYjRVMGVSdU05dnU0In0.eyJleHAiOjE2MjI1Mzg4MzIsImlhdCI6MTYyMjQ1MjQzMiwianRpIjoiMWUxMzZkMGUtMDZiNS00MmY4LTgwODctYzc5YzdiOTc1MmY3IiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay5zdGFnaW5nLmxha2VzaWRlLnNraWxpbmUuY2MvYXV0aC9yZWFsbXMvQW5kZXJtYXR0IiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjRhNDFkM2YxLWJjZDctNDcwOS05MGRiLTQyODkxZjZiMTJjNiIsInR5cCI6IkJlYXJlciIsImF6cCI6ImphbWVzLW1pZGRsZXdhcmUiLCJzZXNzaW9uX3N0YXRlIjoiYWQ0MjJkYjgtNjA0MC00N2M0LTg3NmEtZjhmZDJhNmRjOTJlIiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIqIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsIm5hbWUiOiJMYXJpbyBMdXJtYW5uIiwicHJlZmVycmVkX3VzZXJuYW1lIjoibGFyaW9AbHVybWFubi5jb20iLCJnaXZlbl9uYW1lIjoiTGFyaW8iLCJmYW1pbHlfbmFtZSI6Ikx1cm1hbm4iLCJlbWFpbCI6ImxhcmlvQGx1cm1hbm4uY29tIn0.ccDDgNxF2nYnIy4-HuPGmi8bTkjT-FXyn63on8bicINYrc6SdVGw7C3riLTxBGsW-cJ89jZOGYOBY4wqrrH-KIHlHjMdzmT4Jd5Di5E_qXfXp4PLp_D25vppLssUC59i_o5g-q8Er80_9CrcbzLGvRVOmXPFvKAG-JwcCMHxmeyT28sNdoiCWrtCXH9nEff-JNfLvbehD4xG8_qvOkLcby8U4yJQIKAShuTNAi4YQIUSrVyM_oM9GJXvY94YHGXbNfIVKTomsfk2cDqaGP_tUI5t3BZp751EgW0A-Mg05MUqZVbhvH6Pg0FqMuuSOMCHPmjMeQ1mDFRMM1WtX9HK-w",
"__typename": "TokenResponse"
}
},
"extensions": {
"tracing": {
"version": 1,
"startTime": "2021-05-31T09:13:52.047Z",
"endTime": "2021-05-31T09:13:52.368Z",
"duration": 320524666,
"execution": {
"resolvers": []
}
}
}
}