Skip to content

Creating a connected application to authenticate requests

  Less than to read

GraphQL API calls require a bearer token in the authorization header to authenticate requests. This token is based on the JSON Web Token (JWT) standard. This token is mandatory to create a client_id and a secret. In Sage X3, those tokens are associated with an instance of the connected application entity.

  1. Open: Administration > Administration > Settings > Authentication > Connected applications.

  2. Click the New connected application button.

  3. Fill in the table:

    • Name: A name to identify the connected application. For example, adc.

    • URL: The full URL to the API endpoint. For example, http://myx2Server:8124/xtrem/api.

    • Tokens validity: The maximum lifetime in seconds of the token. For example, 600.

    • Allowed user: The login of the Syracuse user to be used to authenticate. Use a dedicated user for API calls. For example, adc.

  4. Click Save and save both the client ID and secret in a safe place.