Authentication
An unauthenticated user can use only a handful of public mutations and queries. To gain more access, session token needs to be created and used.
Creating API user key​
To generate API user key you can do that at Analytics Hub or after logging into API you can use GraphQL API.
- Mutation
- Response
- cURL
mutation GenerateUserKey {
createUserKey {
id
secret
}
}
{
"data": {
"createUserKey": {
"id": "TjAwN1VzZXJLZXkxMzI",
"secret": "2199800d3dabcda4f96a36f0e410ec096aa5f1b59cad10b082cf779edff8541495245300"
}
}
}
curl -X POST -H "Content-Type: application/json" -H "apollographql-client-name: docs-example-client" -H "apollographql-client-version: 1.0.0" -H "x-auth-token: YOUR_API_SESSION_TOKEN" --data '{"query":"mutation GenerateUserKey { createUserKey { id secret } }"}' https://api.lumar.io/graphql
Obtain session token using API user key and secret token​
- Mutation
- Variables
- Response
- cURL
mutation LoginWithUserKey($secret: String!, $userKeyId: ObjectID!) {
createSessionUsingUserKey(input: { userKeyId: $userKeyId, secret: $secret }) {
token
}
}
{
"userKeyId": 130,
"userKeyId": "TjAwN1VzZXJLZXkxMzA",
"secret": "Zp8FxbFEri-hU1iE5_9n4890c0TxmCkNIetdz0CvPpEQA-cWg1NErxIMXBnEvRHU1xH1e3qC"
}
{
"data": {
"createSessionUsingUserKey": {
"token": "81372d5bd83919e791be3fe06cdf2b7e760eebe525b3f4f2a8c1a856fc4ea935e14331eb235e7b972d66037e22a4ac7009d9a2d1ff414a751fe29b425c449d00"
}
}
}
curl -X POST -H "Content-Type: application/json" -H "apollographql-client-name: docs-example-client" -H "apollographql-client-version: 1.0.0" --data '{"query":"mutation LoginWithUserKey($secret: String!, $userKeyId: ObjectID!) { createSessionUsingUserKey(input: { userKeyId: $userKeyId, secret: $secret }) { token } }","variables":{"userKeyId":"TjAwN1VzZXJLZXkxMzA","secret":"Zp8FxbFEri-hU1iE5_9n4890c0TxmCkNIetdz0CvPpEQA-cWg1NErxIMXBnEvRHU1xH1e3qC"}}' https://api.lumar.io/graphql
Using session token​
After signing in you will receive session token that will be valid for 30 days.
To authenticate requests to the API send session token in HTTP header x-auth-token
value.
curl -H "x-auth-token: <session token>" -XPOST https://api.lumar.io/graphql -H "Content-Type: application/json" --data-raw '{"query": "{version}"}'
Passing invalid session token will result in 401 error.