Authenticated requests

Perform an HTTP POST request to <BASE_URL>/graphql with the following JSON body:

{
  "query": "<ESCAPED_QUERY>",
  "variables": {
    "merchantId": "<MERCHANT_ID>",
    "payload": "<JWT>"
  }
}

and the following headers:

Content-Type: application/json
Authorization: Bearer <TOKEN>

Notes:

The <BASE_URL> value will depend of which environment the client is performing requests to. Please refer to the environments section for more information.
The <TOKEN> value should be the token retrieved from the authentication request. Please refer to the authentication section for more information.
The <MERCHANT_ID> value will be shared with the merchant ahead of time.
The <ESCAPED_QUERY> must contain a valid GraphQL query.
The <JWT> must contain an encoded and signed payload.
Refer to the documentation of specific requests for details about the contents of <ESCAPED_QUERY> and <JWT>.

To encode and sign the payload content the following is required:

This information is shared with the merchant ahead of time

require 'jwt'

jwt = JWT.encode(content, signing_key, signing_algorithm)

Please refer to the official JWT website for more information about signing/verification libraries.

Last updated 6 months ago

Was this helpful?