Hi Khoros Team,
We saw the note regarding the move from REST to GraphQL: Khoros Communities: Aurora 25.04 Release Notes | Atlas
How would we accomplish session key authentication with GraphQL?
Thanks!
For now, authentication is still done with the APIv1 authentication mechanisms.
Session key authentication with GraphQL is typically handled at the transport layer generate a session token after login, store it securely (cookie or header), and validate it on each request via middleware or resolvers.
Hey beefjorgensen,
Pass the session key as an HTTP header named `li-api-session-key`.
Example:
curl -X POST 'https://your-community.com/api/2.1/graphql' \
-H 'Content-Type: application/json' \
-H 'li-api-session-key: YOUR_SESSION_KEY_HERE' \
-d '{ "query": "query MessageSearch($searchTerm: String!)
{ messageSearch(searchTerm: $searchTerm, first: 10)
{ results { edges { node { ... on TopLevelMessageSearchResult { message { id subject } } } } } } }",
"variables": {"searchTerm": "your search term"} }'To obtain a session key:
POST /restapi/vc/authentication/sessions/login?restapi.response_format=json.v3
Content-Type: application/x-www-form-urlencoded
user.login=username&user.password=password
Example:
curl -s -X POST 'https://<your-community>.com/restapi/vc/authentication/sessions/login?restapi.response_format=json.v3' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'user.login=$USERNAME&user.password=$PASSWORD'
Response: { "response": { "status": "success", "value": { "$": "your-session-key-here" } } }The session key will be in the response at `response.value.$`.
Please ping me if you have more questions.
How do you pass session-key in a GraphQL search request?
For now, authentication is still done with the APIv1 authentication mechanisms.
