Project User Login API
The only way for a register user to access the protected content is to log in first via api.
User Login Via GraphQL
note
These GraphQL Queries & Mutation (userLogin
, userRegistration
) and Endpoints (/system/auth/login
and /system/auth/register
) is available only after the successful
configuration of Authentication
AddOns from Settings
Via GraphQL Query
query UserLoginQuery {
userLogin(secret: "mysecretpassword1234", email: "[email protected]") {
refresh_token
id_token
}
}
Via RESTful API
curl -X POST "https://api.apito.io/secured/rest/project-id/system/auth/login"
-H "accept: application/json" -H "Authorization: Bearer API_SECRET" -H "Content-Type: application/json"
-d "{\"email\":\"[email protected]\",\"secret\":\"mysecretpassword1234\"}"
Login Response
{
"data": {
"userLogin": {
"id_token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Im5ld3VzZXJAZ21haWwuY29tIiwiZXhwIjoxNjE3NjgxOTkyLCJpYXQiOjE2MTc1OTU1OTIsImp0aSI6InY5SlhJVUpjS0diV0RFaTB3WWFERGsyWW1CR3o5c0JIIiwicHJvamVjdCI6InF1YW50dW1fZWNvbW1lcmNlX2RkbGo0Iiwicm9sZSI6ImF1dGh1c2VyIiwidXNlciI6ImY2ZGU1NzUyLWFlMDgtNGFiZS1hNzc4LTUzMjNkNDVlNTVlZiJ9.kFUQa8w0HsM00H1Rn-sr3yLlfvWVNsFeux0jghBnQ0_oXUQHE1y8a_yPSqEOX6tcb1LqcH2uWAeFPLbL5rx4cNZ_uCHvgIiDlQRUX4OZ_NtRrNgk35Me0serNupF3Jl1EWxdCYZjvIbO2a0hh0FGtl6Fy0dcgpWjbp1gW7Oxe1jzcuheawnYHemuI85qqUdGk2TnVPYfCYQRclqwbRnWzzGbRebUN9ayJQkbmlegrPqgB5Iw3FIGdHC95rqgCKNEOhbm7mMtkTbjAtqJBmabSGalw1MUxhNqUB-Gr9GeiV2STHoh07x5sPr61ekUTJ0zPH4zz-XhTUpuab0VvZZLCg",
"refresh_token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MjAxODc1OTIsImlhdCI6MTYxNzU5NTU5MiwianRpIjoiUU9hNXE1RWRZR1V4SEZNNm1HeUNDekZZa0RCM1NhT1UiLCJwcm9qZWN0IjoicXVhbnR1bV9lY29tbWVyY2VfZGRsajQiLCJyb2xlIjoiYXV0aHVzZXIiLCJ1c2VyIjoiZjZkZTU3NTItYWUwOC00YWJlLWE3NzgtNTMyM2Q0NWU1NWVmIn0.SIe8ZXsGuvG_DjvSwg64d88UqsqpxDoiOcqROAsu-nQ2ljNyBqnAHi8kzLnRfXWfUo2wMnvKwlh2FqJhyDy4FteUzWSkingj3PhtjSXPcoBmbQlsjQGgY4skntmxJketM01qC_wOnZDRICQLAJ6Tai_JmaRlD6KcZydJXOLPFpvz2_UwLkQL4jFDNtubFfCtxXbggY1wJXX0Lzt488h8Xovd0_pimWX47rD0NzYkZDLCGUC9U47iVTys_yXgu6DTG-vjXMl0WlvveiZiu841zO6e2qrt_HDAkzBId7ud_s1pG7Miv0ph_XDPLG5ny73i5gWBA6EDfcx1JwGnX-BUNg"
}
}
}
Login & Registration generates a Standard JWT token. You can use the id_token
from the response as a Bearer Token to call your GraphQL or RESTful API and get the same response as
using API_SECRET
the only difference is the permission that the id_token
has. Go to the next topic to learn more about using this Login Token.