API Authentication

All Causely GraphQL API requests require authentication using a Bearer token. You'll need to exchange your API client credentials for an access token using our authentication endpoint.

How to Get API Access Token

To verify that your credentials are working, you can use the following curl command. Replace <YOUR_CLIENT_ID> and <YOUR_CLIENT_SECRET> with the credentials you generated above:

CAUSELY_CLIENT_ID=<YOUR_CLIENT_ID>
CAUSELY_CLIENT_SECRET=<YOUR_CLIENT_SECRET>
curl -X POST https://auth.causely.app/frontegg/identity/resources/auth/v2/api-token \
  -H "Content-Type: application/json" \
  -d "{
    \"clientId\": \"${CAUSELY_CLIENT_ID}\",
    \"secret\": \"${CAUSELY_CLIENT_SECRET}\"
  }"

Example Response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik...",
  "refresh_token": "25b14169-b912-4d15-8f9c-xxxxxxxx",
  "expires_in": 86400,
  "expires": "Sat, 31 May 2025 22:54:23 GMT"
}

You can use the access_token for subsequent API calls. If you want to retrieve the access token and store it in an environment variable, you can use the following curl command:

CAUSELY_CLIENT_ID=<YOUR_CLIENT_ID>
CAUSELY_CLIENT_SECRET=<YOUR_CLIENT_SECRET>
export CAUSELY_ACCESS_TOKEN=$(response=$(curl -s -w "\n%{http_code}" -X POST https://auth.causely.app/frontegg/identity/resources/auth/v2/api-token \
  -H "Content-Type: application/json" \
  -d "{\"clientId\": \"${CAUSELY_CLIENT_ID}\", \"secret\": \"${CAUSELY_CLIENT_SECRET}\"}"); \
  http_code=$(echo "$response" | tail -n1); \
  body=$(echo "$response" | sed '$d'); \
  if [ "$http_code" = "200" ]; then echo "$body" | jq -r .access_token; else echo "$body" >&2; false; fi)

You can then use the ${CAUSELY_ACCESS_TOKEN} environment variable for subsequent API calls.

Similarly you can obtain the token using your preferred programming language.

python

# Make sure to install the requests library: pip install requests
import os, requests

def get_causely_access_token(client_id, client_secret,
    url="https://auth.causely.app/frontegg/identity/resources/auth/v2/api-token"):
    res = requests.post(url, headers={"Content-Type": "application/json"},
                        json={"clientId": client_id, "secret": client_secret})
    if res.status_code != 200:
        raise requests.HTTPError(f"Token request failed ({res.status_code}): {res.text}")
    token = res.json().get("access_token")
    if not token:
        raise ValueError("No access_token in response.")
    return token

# Example usage:
if __name__ == "__main__":
    cid, secret = os.getenv("CAUSELY_CLIENT_ID"), os.getenv("CAUSELY_CLIENT_SECRET")
    if not cid or not secret:
        raise EnvironmentError("Missing CAUSELY_CLIENT_ID or CAUSELY_CLIENT_SECRET.")
    try:
        token = get_causely_access_token(cid, secret)
        print("Access token:", token)
    except Exception as e:
        print(f"Error: {e}")

javascript

const https = require('https');

function getCauselyAccessToken(
  clientId,
  clientSecret,
  url = 'https://auth.causely.app/frontegg/identity/resources/auth/v2/api-token',
) {
  return new Promise((resolve, reject) => {
    const data = JSON.stringify({ clientId, secret: clientSecret });
    const req = https.request(
      url,
      {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
          'Content-Length': Buffer.byteLength(data),
        },
      },
      (res) => {
        let body = '';
        res.on('data', (chunk) => (body += chunk));
        res.on('end', () => {
          if (res.statusCode !== 200) {
            return reject(new Error(`HTTP ${res.statusCode}: ${body}`));
          }
          const json = JSON.parse(body);
          if (!json.access_token) return reject(new Error('No access_token in response.'));
          resolve(json.access_token);
        });
      },
    );
    req.on('error', reject);
    req.write(data);
    req.end();
  });
}

// Example usage
const { CAUSELY_CLIENT_ID, CAUSELY_CLIENT_SECRET } = process.env;

if (!CAUSELY_CLIENT_ID || !CAUSELY_CLIENT_SECRET) {
  console.error('Missing CAUSELY_CLIENT_ID or CAUSELY_CLIENT_SECRET');
  process.exit(1);
}

getCauselyAccessToken(CAUSELY_CLIENT_ID, CAUSELY_CLIENT_SECRET)
  .then((token) => console.log('Access token:', token))
  .catch((err) => console.error('Error:', err.message));

go

package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"os"
)

func getToken(id, secret, url string) (string, error) {
	data, _ := json.Marshal(map[string]string{"clientId": id, "secret": secret})
	req, _ := http.NewRequest("POST", url, bytes.NewReader(data))
	req.Header.Set("Content-Type", "application/json")
	res, err := http.DefaultClient.Do(req)
	if err != nil {
		return "", err
	}
	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)
	if res.StatusCode != 200 {
		return "", fmt.Errorf("status %d: %s", res.StatusCode, body)
	}
	var resp map[string]interface{}
	if err := json.Unmarshal(body, &resp); err != nil {
		return "", err
	}
	token, ok := resp["access_token"].(string)
	if !ok || token == "" {
		return "", fmt.Errorf("no access_token in response")
	}
	return token, nil
}

func main() {
	id, secret := os.Getenv("CAUSELY_CLIENT_ID"), os.Getenv("CAUSELY_CLIENT_SECRET")
	if id == "" || secret == "" {
		fmt.Fprintln(os.Stderr, "Missing CAUSELY_CLIENT_ID or CAUSELY_CLIENT_SECRET")
		os.Exit(1)
	}
	url := "https://auth.causely.app/frontegg/identity/resources/auth/v2/api-token"
	token, err := getToken(id, secret, url)
	if err != nil {
		fmt.Fprintln(os.Stderr, "Error:", err)
		os.Exit(1)
	}
	fmt.Println("Access token:", token)
}