Application Access Token

TABLE OF CONTENTS

• Getting your application access token
• Invalid token
• Rate Limit on Generating Access Token

Getting your application access token

Nexar uses the OAuth 2 for API access. This requires applications to obtain an access token included in all requests to the Nexar API.

Real applications should follow the appropriate OAuth 2 flow to automatically obtain new access tokens as needed. 

To manually get an access token:

1. Sign in to the portal.
2. Select "Apps" on the navigation menu to the left.
3. Navigate to the "Authorization" tab at the top.
4. Click on the blue "Generate token" button. An access token will then be generated, which you can copy with the button on right-hand side of the token. This can then be used to access the API.

Please see this other article for further information on authorization in the Nexar API. This article covers fetching tokens in an IDE or programmatically.

Invalid Token

If your token is invalid, you will get a GraphQL response like the following:

{
  "errors": [
    {
      "message": "Token validation failed. Please provide a valid access token.",
      "locations": "...",
      "path": "...",
      "extensions": {
        "code": "AuthInvalidToken",
        "remote": "...",
        "schemaName": "..."
      }
    }
  ],
  "extensions": {
    "requestId": "..."
  }
}

The frequency with which new access tokens can be requested is restricted to protect our identity server.

Please ensure you do not request tokens more frequently than any of our limits:

• 2 tokens every second

• 200 tokens every 15 minutes

• 3,000 tokens every 12 hours

• 40,000 every week