Authentications

Authentications represent the auth data used for authenticating to all the services that you would be integrating with Tray.

Get user authentications (user/master token)

post/

This query can be used to retrieve the authentications for a particular user.

Please also see our guide to Mapping and Editing Auths

Required Token Notes
User obtained after creating a user token (Users/Mutations/Create User Token)
the user token is a persistent token (valid for 2 days) that should be securely stored in your application
If Master token is used will return all the authentications from the Embedded Organization including all the auths created by owner/admin/contributors and NOT including your end user auths.

Here is an example query:

Get Authentications
query {
  viewer {
    authentications {
      edges {
        node {
          id
          name
          customFields
          service {
            id,
            name,
            icon,
            title,
            version
          }
          serviceEnvironment {
              id
              title
          }
        }
      }
      pageInfo{
        hasNextPage
        hasPreviousPage
      }
    }
  }
}
Returned Data Subfields Notes
id the authentication id
name the arbitrary name the end user has given to the authentication
service id, name, icon, title, version details of the service the authentication is for
serviceEnvironment id, title relevant when Importing Authentications
pageInfo hasNextPage, hasPreviousPage can be used for pagination
SecuritybearerAuth
Request
Responses
200

OK - If user token is passed, an array of all end user auths is returned. In case of master token, an array of auths from the embedded organization workspace is returned.

401

Unauthorized

403

Forbidden

500

Internal Error

Request samples
curl -i -X POST \
  https://tray.io/graphql \
  -H 'Authorization: Bearer <USER_OR_MASTER_TOKEN>' \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "query {\n  viewer {\n    authentications {\n      edges {\n        node {\n          id\n          name\n          customFields\n          service {\n            id,\n            name,\n            icon,\n            title,\n            version\n          }\n        }\n      }\n      pageInfo{\n        hasNextPage\n        hasPreviousPage\n      }\n    }\n  }\n}",
    "variables": {}
  }'
Response samples
application/json
{}

Create user Auth (user/master token)

post/

Create a user authentication for a service (e.g. Dropbox or Airtable) that is used in your Embedded application.

For full instructions on using this mutation please see Importing Authentications

To generate the inputs needed, navigate to your Tray and scroll down to the section titled 'Authentication import generator'

Required Token Notes
User obtained after creating a user token (Users/Mutations/Create User Token)
the user token is a persistent token (valid for 2 days) that should be securely stored in your application
Argument Required Note
name Yes Arbitrary. Can help you categorize authentications according to service and End User
serviceId Yes See Importing Authentications
serviceEnvironmentId Yes See Importing Authentications
data Yes Used to specify auth data such as api key and domain. See Importing Auths
formData No Data that may be seen in the authentication dialog in the workflow builder, e.g. 'subdomain'
scopes Yes Can be empty array as below example. For setting scopes of access (read/write access to components)
hidden no Controls if authentication should be hidden in UI. Default is False

Here is an example mutation:

Create Authentication
mutation { 
  createUserAuthentication (input:{
    name: "my-test-sqs-authentication-1",
    serviceId: "e73d8e91-XXXX-XXXX-XXXX-37df289242",
    serviceEnvironmentId: "a84eu2880-XXXX-XXXX-XXXX-7edd82904d",
    data: "{\"region\":\"us-east-1\",\"account_id\":\"1234\",\"access_key\":\"accesskey\",\"secret_key\":\"secretkey\"}",
    scopes: [],
    hidden: true
  }) {
    authenticationId
  }
}
Create Authentication with clientMutationId
mutation { 
  createUserAuthentication (input:{
    name: "my-test-sqs-authentication-1",
    serviceId: "e73d8e91-XXXX-XXXX-XXXX-37df289242",
    serviceEnvironmentId: "a84eu2880-XXXX-XXXX-XXXX-7edd82904d",
    data: "{\"region\":\"us-east-1\",\"account_id\":\"1234\",\"access_key\":\"accesskey\",\"secret_key\":\"secretkey\"}",
    scopes: [],
    hidden: true,
    clientMutationId: "some-mutation-id" #OPTIONAL - only needed for legacy Relay & Apollo clients
  }) {
    authenticationId
    clientMutationId #OPTIONAL
  }
}
Returned Data Notes
authenticationId This will be needed when using createSolutionInstance as detailed in Importing Authentications
clientMutationId Only relevant if using the Relay GraphQL client
SecuritybearerAuth
Request
Responses
200

OK - Returns the authentication ID of new auth

401

Unauthorized

403

Forbidden

500

Internal Error

Request samples
curl -i -X POST \
  https://tray.io/graphql \
  -H 'Authorization: Bearer <USER_OR_MASTER_TOKEN>' \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "mutation (\n    $authenticationName: String!,\n    $serviceId: String!,\n    $serviceEnvironmentId: String!,\n    $authenticationData: Json!,\n    $hidden: Boolean!\n    ){ createUserAuthentication (input:{\n            name: $authenticationName,\n            serviceId: $serviceId,\n            serviceEnvironmentId: $serviceEnvironmentId,\n            data: $authenticationData,\n            scopes: [],\n            hidden: $hidden\n      }) {\n    authenticationId\n  }\n}",
    "variables": {
      "authenticationName": "my-test-sqs-authentication-1",
      "serviceId": "e73d8e91-XXXX-XXXX-XXXX-37df289242",
      "serviceEnvironmentId": "a84eu2880-XXXX-XXXX-XXXX-7edd82904d",
      "authenticationData": "{\"region\":\"us-east-1\",\"account_id\":\"1234\",\"access_key\":\"accesskey\",\"secret_key\":\"secretkey\"}",
      "hidden": true
    }
  }'
Response samples
application/json
{
  • "data": {
    • "createUserAuthentication": {
      • "authenticationId": "8ffexxxx-xxxx-xxxx-xxxx-xxxxxx7e8c1d"
      }
    }
}

Delete user Auth (user/master token)

post/

Delete a user authentication

Required token Notes
User obtained after creating a user token (Users/Mutations/Create User Token)
the user token is a persistent token (valid for 2 days) that should be securely stored in your application

The mutation accepts the following as inputs:

Input Required Notes
authenticationId Yes obtained with Get User Authentications
also see our guide to Mapping and Editing Auths
clientMutationId No Only relevant if using the Relay GraphQL client

Here is an example mutation:

Delete Authentication
mutation {
  removeAuthentication(input: { 
    authenticationId: "dd36c246-XXXX-XXXX-XXXX-a600be2b39fe"
  }) {
    clientMutationId # REQUIRED - must specify as return field, it will be returned as NULL as it's not passed
  }
}
Delete Authentication with clientMutationId
mutation {
  removeAuthentication(input: { 
    authenticationId: "dd36c246-XXXX-XXXX-XXXX-a600be2b39fe", 
    clientMutationId: "some-mutaion-id"
  }) {
    clientMutationId # REQUIRED - must specify as return field
  }
}

It can return the following data:

Returned Data Notes
clientMutationId while this data is only relevant if using the Relay GraphQL client, it is actually required here as currently this mutation does not return any other data
SecuritybearerAuth
Request
Responses
200

OK - User authentication is deleted

401

Unauthorized

403

Forbidden

500

Internal Error

Request samples
curl -i -X POST \
  https://tray.io/graphql \
  -H 'Authorization: Bearer <USER_OR_MASTER_TOKEN>' \
  -H 'Content-Type: application/json' \
  -d '{
    "query": "mutation ($authenticationId: ID!){\n  removeAuthentication(input: { authenticationId: $authenticationId }) {\n    clientMutationId\n  }\n}",
    "variables": {
      "authenticationId": "dd36c246-XXXX-XXXX-XXXX-a600be2b39fe"
    }
  }'
Response samples
application/json
{
  • "data": {
    • "removeAuthentication": {
      • "clientMutationId": null
      }
    }
}