Authentication

Overview

CoverGo's system use Bearer Token to authenticate request. Requests without the Bearer Token in reqeust header will be treated as unauthenicated.

Request header example

{
  "Authorization" "Bearer <your accessToken goes here>"
}

Get Access and Refresh Token

Access and refresh token can be get using query token_2

Query Examples

query login {
  token_2(
    tenantId: "demo_uat",
    clientId: "AgentPortal",
    username: "[email protected]",
    password: "MyNewPassword"
  ){
    accessToken
    refreshToken
    error
  }
}

Result:

{
  "data": {
    "token_2": {
      "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2MjMyOTMxMzYsImV4cCI6MTYyMzM3OTUzNiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMCIsImF1ZCI6WyJodHRwOi8vbG9jYWxob3N0OjYwMDAwL3Jlc291cmNlcyIsImN1c3RvbV9wcm9maWxlIl0sImNsaWVudF9pZCI6IkFnZW50UG9ydGFsIiwic3ViIjoiNjBjMTdhYzM1NDIxNWNkZTg5YmJjOGE5IiwiYXV0aF90aW1lIjoxNjIzMjkzMTM2LCJpZHAiOiJsb2NhbCIsInRlbmFudElkIjoiZGVtb191YXQiLCJhcHBJZCI6IkFnZW50UG9ydGFsIiwiZW50aXR5SWQiOiI3MTE2YmYzYS1mMTA0LTRlMDgtODMzNy1mZGJhYzIxMWI4NmUiLCJlbnRpdHlUeXBlIjoiaW50ZXJuYWwiLCJzY29wZSI6WyJjdXN0b21fcHJvZmlsZSIsIm9mZmxpbmVfYWNjZXNzIl0sImFtciI6WyJwd2QiXX0.JDXMmlAs3o6QTQ2Yfb5aXkl8RP6-KPgqkLmH-tLsn4S2SX2HjOEaVVTCxTW3iaK6wshvr6xir6BwJK50HoU48mRx4BXiVkMxQqsGaUSmS1Zg74HfkFvGyHHZlEiv_Jj_lmFQIKk_UcUpyF52yVNDOatZXblMleQPqbwfPHBvhQsUC1vNI3DwZur-Fz1RifEqXl322Zz-fCfaJT1aXOJtlHph49crmxPrT2O45jAq0es5cUmt6M0aTCaFloQjNaTKYWH03C6PyYQ97ZBkdgpMyqZgGGuchsfgTrdzLW6kJhzG3xlgwFkPNzmDrm-CmOw9AgeuYIIRjJuitn422Uo4iA",
      "refreshToken": "e49f6a3bbf9e12b287decdda50367dd596b7fc107417c8bcc733e0dcb6ec8988",
      "error": null
    }
  }
}

Tips:

To get the credentials (tenantId, clientId, username, password), contact CoverGo team

Get Access Token using Refresh Token

Query refreshToken can be used to get an access token from a refresh token.

Query Examples

query refresh {
  refreshToken(
    tenantId: "demo_uat",
    clientId: "AgentPortal",
    refreshToken: "e49f6a3bbf9e12b287decdda50367dd596b7fc107417c8bcc733e0dcb6ec8988"
  ){
    accessToken
    refreshToken
  }
}

Result:

{
  "data": {
    "refreshToken": {
      "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2MjMyOTMxOTQsImV4cCI6MTYyMzM3OTU5NCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo2MDAwMCIsImF1ZCI6WyJodHRwOi8vbG9jYWxob3N0OjYwMDAwL3Jlc291cmNlcyIsImN1c3RvbV9wcm9maWxlIl0sImNsaWVudF9pZCI6IkFnZW50UG9ydGFsIiwic3ViIjoiNjBjMTdhYzM1NDIxNWNkZTg5YmJjOGE5IiwiYXV0aF90aW1lIjoxNjIzMjkzMTM2LCJpZHAiOiJsb2NhbCIsInRlbmFudElkIjoiZGVtb191YXQiLCJhcHBJZCI6IkFnZW50UG9ydGFsIiwiZW50aXR5SWQiOiI3MTE2YmYzYS1mMTA0LTRlMDgtODMzNy1mZGJhYzIxMWI4NmUiLCJlbnRpdHlUeXBlIjoiaW50ZXJuYWwiLCJzY29wZSI6WyJjdXN0b21fcHJvZmlsZSIsIm9mZmxpbmVfYWNjZXNzIl0sImFtciI6WyJwd2QiXX0.MiqXotCIGeOtSYkCxy27QWZBi-cRPnZGtVLKo2t6r4mY_1dKBg_4QtnjUc5USB9wsdDDwksMZU1eppu6cBItQiIKbj0yz5TyFRQoJdat-z3bxnsRaD1eVm-mWAa47093E19QUjnwXC57YI2zUcKL-ieO0y47VSBdgDBTwExZce0Af9A8DsvG0i1aZ7YShJovSYhy5xKGfLILhO1dk7tmxTQUzhIT8hyUMditno79NTbTl5adEM85wKzeoOLMoEO_owrg8bqNzJwJwFNK0QOjvL1WAFGvgLxuXLcXHeeItIZ6Q8HaWAcfYVRRzGa7Z_ERXRAcgXbm0oHCB4mRNZPczg",
      "refreshToken": "a71e6255d687c2d2865dd1d65a1f41d1579bca055c0333f1710c060a44f4714a"
    }
  }
}

Notes:

The refreshToken can be used once and will become invalid after successful calling of query refreshToken. In the next call of query refreshToken, you need to use a new refreshToken.

API Endpoint Localization

On this page