API requests

Using an auth token to make a GraphQL query

All API requests are handled through a single endpoint: app.fytt.io/api. Every request must include a valid auth token in the Authorization header with the Bearer scheme declaration:

Authorization: Bearer <your-access-token>

Unauthorized requests will return a 401 Unauthorized response. 

Every API call should be a POST request using the application/json content type with a single query parameter named query.

The query param should be a string that contains a GraphQL structured query. Queries can take on a number of different formats depending on how decide to structure them. Below is a generic example that illustrates the most basic format of a GraphQL query:

mutation {
operationArg: "value"
) {
returnObject {

The query above is telling the system to perform a mutation with a operationName name and its required arguments (operationArg), then asking for a specific object (returnObject) with the specified attributes (objectAttribute) in response. In addition to the specified object, it's asking for the request status and any errors.

In practice, the request would look something like this (abbreviated):

POST app.fytt.io/api?query="mutation { operationName(...) {...} }"

The response would be a JSON object with the following structure:

"data": {
"operationName": {
"returnObject": {
"objectAttribute": "attributeValue",
"status": "ok",
"errors": []

Refer to the FYTT API Reference for more details on structuring specific requests.