Skip to main content

Query (query) Endpoint

Used to make requests to the API generated from your database. Standard GraphQL endpoint that take the usual fields "query", "variables", and "operationName".

For all requests send to the endpoints in "routes", set an HTTP "Authorization" header to the text "Bearer " and then the contents of the "access_token" field. This token will be checked by the Devii server, and its cryptographic signature means it can't be changed without being invalidated, and can't be faked. It will positively identfiy the logged in role as being authorized.

The access token is not permanent: it has a default expiration time of 1 day (86400 seconds).

The refresh token can be used to request a new access token, by sending a GET request to the /auth endpoint with the Authorization header set to "Bearer [refresh_token]". This will issue a new access token and resend the other data. The refresh token has a default expiration time of 7 days (604800 seconds).

Auth Endpoint Successful Response
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9...",
"message": "Logged in as demo_user.",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9...",
"roleid": 1611,
"routes": {
"base": "",
"query": "",
"roles_pbac": ""
{Truncated Schema...}


user {
Show Code
const QUERY_URL = "";
const ACCESS_TOKEN = auth_response.access_token;
const QUERY_URL = auth_response.routes.query;
const query = "{\r\n user {\r\n id\r\n username\r\n }\r\n}";

var myHeaders = new Headers();
myHeaders.append("Authorization", `Bearer ${ACCESS_TOKEN}`);
myHeaders.append("Content-Type", "application/json");

var graphql = JSON.stringify({
query: "{\r\n user {\r\n username\r\n id\r\n }\r\n}",
variables: {},
var requestOptions = {
method: "POST",
headers: myHeaders,
body: graphql,
redirect: "follow",

fetch(QUERY_URL, requestOptions)
.then((response) => response.text())
.then((result) => console.log(result))
.catch((error) => console.log("error", error));



Set up the authorization header with a token signed by Devii's auth endpoint.

{ "error": "Unauthorized access: Missing Authorization Header", "status": 401 }

Issue with database, login to Portal, test the connection to the database on the Edit Configuration view.

{"error":"Tenant 101 is misconfigured, could not load schema.","status":400}