Authentication

TargetData GraphQL API uses Authorization: Bearer scheme in order to authenticate the user.
You have to provide a valid access token in every request against our /graphql endpoint.
Access tokens are generated using an offline refresh token, which is bound to your account.

How to create an offline refresh token

In order to create an offline refresh token you need to open the following URL in your browser:
https://targetdata-api.tvtestenv1.net/auth/offline-token

After filling in your credentials you will be redirected to a page, which displays your offline refresh token.
This type of token never expires.
You should keep it in a secure vault and use it as a secret in your client application targeting our GraphQL endpoint.

How to create access tokens

In order to create a new access token you have to execute a POST request against our /auth/token endpoint.
Our endpoint accepts POST url-encoded forms with a mandatory refresh_token field.

Example curl:

curl -X POST \ 
  -d "refresh_token=YOUR_OFFLINE_REFRESH_TOKEN" \
  "https://targetdata-api.tvtestenv1.net/auth/token"

Example response:

{
  "access_token": "ZrSmxmU0FFbVo5VS16NTlBczdTMF9iVW5VZTAyOE52MmtUMVM4In0.eyJleHAiOjE2NDkxNjI1MjYsImlhdCI6MTY0OTE1ODkyNiwiYXV0aF90aW1lIjoxNjQ5MDgwNTQzLCJqdGkiOiIyYjI5NjIwZi05YTgyLTRhNjAtODU0ZC1lOGExZjYxNjgxMTQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLnRlYXZhcm8ubmV0L2F1dGgvcmVhbG1zL3Rlc3RlbnYiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiZGY4OTQ3NTgtNTMxYi00ODk4LTgyZmItOGY5ZjQ3ODYxYzk1IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoidGFyZ2V0ZGF0YS1ncWwiLCJzZXNzaW9uX3N0YXRlIjoiZjM5NmUyMTAtZGVlYi00MDczLWE3N2YtMWYxYTBkYzBjZjk0IiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyJodHRwczovL3RhcmdldGRhdGEtYXBpLnR2dGVzdGVudjEubmV0LyJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgb2ZmbGluZV9hY2Nlc3MgcHJvZmlsZSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwibmFtZSI6IlRhcmdldERhdGEgR3JhcGhRTCIsInByZWZlcnJlZF91c2VybmFtZSI6InRhcmdldGRhdGEtZ3FsQHRlYXZhcm8uY29tIiwiZ2l2ZW5fbmFtZSI6IlRhcmdldERhdGEiLCJmYW1pbHlfbmFtZSI6IkdyYXBoUUwiLCJlbWFpbCI6InRhcmdldGRhdGEtZ3FsQHRlYXZhcm8uY29tIn0.osEJTtz07R8XTGCEXWPZ3pcwEUvW-TkOhCon9l7Qr_m0BfkiuqQrKkSfq-76Nri_zXO6rnGsCuAbE0lZKZqpun1CzqyUL_YwQBOQ9kwv5nZG065n4fyhhzqiSSjBobqbJYLwylNVFsDUxif_TWY3Acp4LSVII07XlVy5FUOde-Zzu99hsbZY11oFiZOOdSd7PpIf7t1cYZP0uTFml_s2pNGxHLD5_TZ2i86uOVWj7D8guCI7PUVZ8T7rigaLT5FM2lwtfF9VbH3N29M-PvXuqAz1kB-HBy5B0JOCkgyYnoxbhnQroyiSTUS92bzSd7fVoQcXkbL3yg_L3yEh3gt7xw",
  "expires_in": 3600,
  "refresh_expires_in": 0,
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiYTk4",
  "token_type": "Bearer",
  "session_state": "f396e211-deeb-4073-c57f-1f1a0dc0cf94",
  "scope": "email offline_access profile"
}

Your access token is available in the access_token field and is valid for 3600 seconds (1 hour).
If your access token expires, our API will respond with HTTP status code 401. In such a case, you should simply create a new one using the described method and execute the same query again.
It is possible to have multiple access tokens at the same time.

Use your access token in the Authorization: Bearer scheme.
Header name: Authorization
Header value: Bearer <your-access-token>