Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Difference between API token for REST and GRAPHQL

Danilo de Nadai Sicari December 10, 2021

Hi guys!! I've created an api token to use with REST API. I pass it by header Authentication and everything works fine:

curl 'https://myspace.atlassian.net/rest/api/3/users/search?maxResults=1000' \
-H 'Connection: keep-alive' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Google Chrome";v="90"' \
-H 'Accept: */*' \
-H 'Authorization: Basic base64<user:token>' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' \
-H 'Origin: http://localhost:3000' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: http://localhost:3000/' \
-H 'Accept-Language: pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7' \
-H 'x-elastica_gw: 3.116.0' \
--compressed

But when I try to call an GRAPHQL endpoint I receive a forbidden error.

I thought the token was the same for both APIs, isn't it?

 

If it is not, where can I create a token for GRAPHQL API?

 

Here is my curl for GRAPHQL

curl 'https://myspace.atlassian.net/gateway/api/directory/graphql?q=UserDetails' \
-H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Google Chrome";v="90"' \
-H 'Accept: */*' \
-H 'Referer: http://localhost:3000/' \
-H 'Authorization: Basic base64<user:token>' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' \
-H 'Content-Type: application/json' \
--data-raw $'{"operationName":"UserDetails","variables":{"userId":"1234","cloudId":"1234"},"query":"query UserDetails($userId: String\u0021, $cloudId: String\u0021) {\\n CloudUser(userId: $userId, cloudId: $cloudId) {\\n id\\n fullName\\n isCurrentUser\\n title\\n department\\n companyName\\n location\\n timezone\\n email\\n phoneNumber\\n remoteWeekdayIndex: localTime(format: \\"d\\")\\n remoteWeekdayString: localTime(format: \\"ddd\\")\\n remoteTimeString: localTime(format: \\"h:mma ([GMT]Z)\\")\\n __typename\\n }\\n}\\n"}' \
--compressed 

 

1 answer

1 accepted

0 votes
Answer accepted
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 16, 2021

Hi Danilo,

If I understand the question here, you are looking to use the Basic Authentication when accessing the Graphql API.  This is still possible to do with curl, but it looks like there is a problem with your request.

First, your request in this case is not made directly to your Cloud site URL of example.atlassian.net, but rather directly to https://atlassian.net/gateway/api/graphql

Here is my example call

curl --request POST \
--url "https://atlassian.net/gateway/api/graphql" \
--header "Content-Type: application/json" \
--header "Authorization: Basic myREDACTEDencodedstring" \
--data '{"query": "query example {me {user { ... on AtlassianAccountUser {accountId \n accountStatus \n name \n picture}}}}"}'

When I made this specific call, I was able to get back a json response that showed me the expected information about the account I used to create my API token.

However I did have to adjust from the examples given over in https://developer.atlassian.com/platform/atlassian-graphql-api/graphql/#examples in order to get them to work in curl.  It appears that the multiple lines shown within the payloads of the examples aren't really working well in curl, thus the need to use a \n for a new line in my payload.  I also found from playing with this that if the payload contains any quotes, those too have to be escaped with a \ character before the request can be successful in curl.

Try this and let me know if that helps.

Andy

KrishnaMohan June 7, 2023

Thanks, Andy, for the post.

I am trying for the mutation to post  i am getting 

curl: (18) HTTP/2 stream 1 was not closed cleanly before end of the underlying stream


I tried the below code. Will you be able to help. Mutation perfectly worked in graphql UI.

 curl --request POST \

--url "https://devopsprodemo.atlassian.net/gateway/api/graphql" \

--header "Content-Type: application/json" \

--header 'X-ExperimentalApi : AddRelatedWorkToVersion' \

--data '{"mutation useAddGenericLinkRelatedWork_addRelatedWorkMutation {

jira {

addRelatedWorkToVersion(

input: {versionId: "ari:cloud:jira:45670433-08ae-464a-b8c0-9d28c52f048d:version/activation/3c595abf-zb8-4dae-a543-ead783a4d810/10000", relatedWorkId: "1234", url: "https://www.w3.org/Addressing/URL/url-spec.txt", title: "Reports", category: "Testing"}

) {

success

errors {

message

}

}

}

}'}''

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events