# GraphQL API & Authentication

## What is GraphQL?

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.

You can learn more about the GraphQL framework here: <https://graphql.org/>

For testing it would be good to use [Postman](https://www.postman.com/) or [Insomnia](https://insomnia.rest/) or some other similar API client.

## How do I access the TSG Global GraphQL API?

{% hint style="danger" %}
This authentication method is different than the API key authentication method used for other TSG Global services, and the TNID service.
{% endhint %}

You can generate a Bearer token to access our GraphQL API using the username and password you use to access our [Customer Portal](https://customer-portal.tsgglobal.com). This token lasts for 7 days.

## Generate Bearer Token

<mark style="color:green;">`POST`</mark> `https://api.portal.tsgglobal.world/account/login`

#### Request Body

| Name                                       | Type   | Description              |
| ------------------------------------------ | ------ | ------------------------ |
| email<mark style="color:red;">\*</mark>    | string | Your user email address. |
| password<mark style="color:red;">\*</mark> | string | Your password.           |

{% tabs %}
{% tab title="200: OK " %}

```javascript
{
    "token": "POAPK_*********",
    "user": {
        "email": "test.user@tsgglobal.com",
        "first_name": "Test",
        "id": "*****",
        "last_name": "User",
        "level": "basic_user"
    }
}
```

{% endtab %}

{% tab title="401: Unauthorized Invalid email or password." %}

```javascript
{
    "errors": [
        {
            "id": "unauthorized",
            "message": "Invalid email or password."
        }
    ]
}
```

{% endtab %}
{% endtabs %}

When you query the API, you will want to pass your credentials in the header, with the header name "Authorization" and the value as "Bearer \<token>".

If you are missing these credentials, please email us at: <support@tsgglobal.com>

## Where can I test the GraphQL API and view more documentation?

You can test various features and view additional documentation in the GraphiQL interface we provide here: <https://api.portal.tsgglobal.world/graphiql>

## What URL should I use to perform my queries and mutations?

Please use: <https://api.portal.tsgglobal.world/graphql> (note this is different than the GraphiQL UI).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tsgglobal.com/graphql-api-and-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.