5) Validating an access token

You can check if the accessToken is valid using the following query.

query accessTokenValid {
  accessTokenValid
}

Headers

{
  "Authorization": "Bearer {access_token}"
}

If the response is Unauthorized you will need to generate a new accessToken using the refreshToken stored in your database.

query accessToken {
  accessToken(refreshToken: "{refresh_token}") {
    accessToken
    refreshToken
    ttl
    grantLevel
  }
}

Response

{
  "accessToken": "xxxxx",
  "refreshToken": "xxxxx",
  "ttl": 3600,
  "grantLevel": ["User"]
}