Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Difference between API token for REST and GRAPHQL

Danilo de Nadai Sicari
Danilo de Nadai Sicari December 10, 2021

Hi guys!! I've created an api token to use with REST API. I pass it by header Authentication and everything works fine:

curl 'https://myspace.atlassian.net/rest/api/3/users/search?maxResults=1000' \
-H 'Connection: keep-alive' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Google Chrome";v="90"' \
-H 'Accept: */*' \
-H 'Authorization: Basic base64<user:token>' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' \
-H 'Origin: http://localhost:3000' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: http://localhost:3000/' \
-H 'Accept-Language: pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7' \
-H 'x-elastica_gw: 3.116.0' \
--compressed

But when I try to call an GRAPHQL endpoint I receive a forbidden error.

I thought the token was the same for both APIs, isn't it?

 

If it is not, where can I create a token for GRAPHQL API?

 

Here is my curl for GRAPHQL

curl 'https://myspace.atlassian.net/gateway/api/directory/graphql?q=UserDetails' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Google Chrome";v="90"' \
-H 'Accept: */*' \
-H 'Referer: http://localhost:3000/' \
-H 'Authorization: Basic base64<user:token>' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' \
-H 'Content-Type: application/json' \
--data-raw $'{"operationName":"UserDetails","variables":{"userId":"1234","cloudId":"1234"},"query":"query UserDetails($userId: String\u0021, $cloudId: String\u0021) {\\n CloudUser(userId: $userId, cloudId: $cloudId) {\\n id\\n fullName\\n isCurrentUser\\n title\\n department\\n companyName\\n location\\n timezone\\n email\\n phoneNumber\\n remoteWeekdayIndex: localTime(format: \\"d\\")\\n remoteWeekdayString: localTime(format: \\"ddd\\")\\n remoteTimeString: localTime(format: \\"h:mma ([GMT]Z)\\")\\n __typename\\n }\\n}\\n"}' \
--compressed 

 

Answer
Watch
Like Be the first to like this
1672 views

1 answer

1 accepted

0 votes
Answer accepted
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 16, 2021

Hi Danilo,

If I understand the question here, you are looking to use the Basic Authentication when accessing the Graphql API.  This is still possible to do with curl, but it looks like there is a problem with your request.

First, your request in this case is not made directly to your Cloud site URL of example.atlassian.net, but rather directly to https://atlassian.net/gateway/api/graphql

Here is my example call

curl --request POST \
--url "https://atlassian.net/gateway/api/graphql" \
--header "Content-Type: application/json" \
--header "Authorization: Basic myREDACTEDencodedstring" \
--data '{"query": "query example {me {user { ... on AtlassianAccountUser {accountId \n accountStatus \n name \n picture}}}}"}'

When I made this specific call, I was able to get back a json response that showed me the expected information about the account I used to create my API token.

However I did have to adjust from the examples given over in https://developer.atlassian.com/platform/atlassian-graphql-api/graphql/#examples in order to get them to work in curl.  It appears that the multiple lines shown within the payloads of the examples aren't really working well in curl, thus the need to use a \n for a new line in my payload.  I also found from playing with this that if the payload contains any quotes, those too have to be escaped with a \ character before the request can be successful in curl.

Try this and let me know if that helps.

Andy

View More Comments
KrishnaMohan
KrishnaMohan June 7, 2023

Thanks, Andy, for the post.

I am trying for the mutation to post  i am getting 

curl: (18) HTTP/2 stream 1 was not closed cleanly before end of the underlying stream


I tried the below code. Will you be able to help. Mutation perfectly worked in graphql UI.

 curl --request POST \

--url "https://devopsprodemo.atlassian.net/gateway/api/graphql" \

--header "Content-Type: application/json" \

--header 'X-ExperimentalApi : AddRelatedWorkToVersion' \

--data '{"mutation useAddGenericLinkRelatedWork_addRelatedWorkMutation {

 jira {

 addRelatedWorkToVersion(

 input: {versionId: "ari:cloud:jira:45670433-08ae-464a-b8c0-9d28c52f048d:version/activation/3c595abf-zb8-4dae-a543-ead783a4d810/10000", relatedWorkId: "1234", url: "https://www.w3.org/Addressing/URL/url-spec.txt", title: "Reports", category: "Testing"}

) {

success

errors {

message

 }

 }

 }

 }'}''
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security