Skip to main content

Login for Authenticated User

The only way to test an authenticated users is via API

User Login Via GraphQL#

note

These GraphQL Queries & Mutation (userLogin, userRegistration) and Endpoints (/system/auth/login and /system/auth/register) is available only after the successful configuration of Authentication AddOns from Settings

Login Query#

query UserLoginQuery {
userLogin(secret: "mysecretpassword1234", email: "[email protected]") {
refresh_token
id_token
}
}

RESTful API#

curl -X POST "https://api.apito.io/secured/rest/project-id/system/auth/login"
-H "accept: application/json" -H "Authorization: Bearer API_SECRET" -H "Content-Type: application/json"
-d "{\"email\":\"[email protected]\",\"secret\":\"mysecretpassword1234\"}"

Login Response#

{
"data": {
"userLogin": {
"id_token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Im5ld3VzZXJAZ21haWwuY29tIiwiZXhwIjoxNjE3NjgxOTkyLCJpYXQiOjE2MTc1OTU1OTIsImp0aSI6InY5SlhJVUpjS0diV0RFaTB3WWFERGsyWW1CR3o5c0JIIiwicHJvamVjdCI6InF1YW50dW1fZWNvbW1lcmNlX2RkbGo0Iiwicm9sZSI6ImF1dGh1c2VyIiwidXNlciI6ImY2ZGU1NzUyLWFlMDgtNGFiZS1hNzc4LTUzMjNkNDVlNTVlZiJ9.kFUQa8w0HsM00H1Rn-sr3yLlfvWVNsFeux0jghBnQ0_oXUQHE1y8a_yPSqEOX6tcb1LqcH2uWAeFPLbL5rx4cNZ_uCHvgIiDlQRUX4OZ_NtRrNgk35Me0serNupF3Jl1EWxdCYZjvIbO2a0hh0FGtl6Fy0dcgpWjbp1gW7Oxe1jzcuheawnYHemuI85qqUdGk2TnVPYfCYQRclqwbRnWzzGbRebUN9ayJQkbmlegrPqgB5Iw3FIGdHC95rqgCKNEOhbm7mMtkTbjAtqJBmabSGalw1MUxhNqUB-Gr9GeiV2STHoh07x5sPr61ekUTJ0zPH4zz-XhTUpuab0VvZZLCg",
"refresh_token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MjAxODc1OTIsImlhdCI6MTYxNzU5NTU5MiwianRpIjoiUU9hNXE1RWRZR1V4SEZNNm1HeUNDekZZa0RCM1NhT1UiLCJwcm9qZWN0IjoicXVhbnR1bV9lY29tbWVyY2VfZGRsajQiLCJyb2xlIjoiYXV0aHVzZXIiLCJ1c2VyIjoiZjZkZTU3NTItYWUwOC00YWJlLWE3NzgtNTMyM2Q0NWU1NWVmIn0.SIe8ZXsGuvG_DjvSwg64d88UqsqpxDoiOcqROAsu-nQ2ljNyBqnAHi8kzLnRfXWfUo2wMnvKwlh2FqJhyDy4FteUzWSkingj3PhtjSXPcoBmbQlsjQGgY4skntmxJketM01qC_wOnZDRICQLAJ6Tai_JmaRlD6KcZydJXOLPFpvz2_UwLkQL4jFDNtubFfCtxXbggY1wJXX0Lzt488h8Xovd0_pimWX47rD0NzYkZDLCGUC9U47iVTys_yXgu6DTG-vjXMl0WlvveiZiu841zO6e2qrt_HDAkzBId7ud_s1pG7Miv0ph_XDPLG5ny73i5gWBA6EDfcx1JwGnX-BUNg"
}
}
}

Login & Registration generates a Standard JWT token. You can use the id_token from the response as a Bearer Token to call your GraphQL or RESTful API and get the same response as using API_SECRET the only difference is the permission that the id_token has. Go to the next topic to learn more about using this Login Token.