Ordrestyring GraphQL API

Ordrestyring's API is a GraphQL API, you can find more information about it here: https://graphql.org

Table of Contents

  1. Authentication
  2. Endpoints and testing
  3. Pagination
  4. Examples
  5. Error handling
  6. Rate limiting
  7. Questions

Authentication

GraphQL recieves input and return results in json. So a Content-Type: application/json header is required.

Authorization is done with an Authorization header. Authorization: Bearer {apiToken}. Example: Authorization: Bearer my_api_token123456789

Example using curl:

  curl https://graphql.ordrestyring.dk/graphql \
     --request POST \
     --data '{"query": "query { cases(pagination: {cursor: null, limit: 10}, orderBy: {field: "updatedAt", direction: DESC}) { items { id caseNumber } nextCursor previousCursor } }' \
    -H "Accept: application/json" \
    -H "Authorization: Bearer my_api_token123456789" \
    -H "Content-Type: application/json"

Endpoints and testing

Endpoints can be found in the GraphQL UI: GraphiQL UI.

GraphiQL is an interface which shows the available endpoints and also make it possible to test queries right in the browser.

Input your api key in the input field. You will find available endpoints on the right.

Pagination

Cursor pagination is the recommended way for doing pagination using our api.

To get first page, set the cursor argument to null:

query {
  cases(pagination: {cursor: null, limit: 10}, orderBy: {field: "updatedAt", direction: DESC}) {
    items {
      id
      caseNumber
    }
    nextCursor
    previousCursor
  }
}

Then use the nextCursor from the result as the new cursor argument to get the next page:

query {
  cases(pagination: {cursor: "eyJjYXNlcy51cGRhdGVkX2F0IjoxNjMzMDczMDA1LCJjYXNlcy5pZCI6NzI5OCwiX3BvaW50c1RvTmV4dEl0ZW1zIjp0cnVlfQ", limit: 10}, orderBy: {field: "updatedAt", direction: DESC}) {
    items {
      id
      caseNumber
    }
    nextCursor
    previousCursor
  }
}

Examples

Queries, endpoints that are used to fetch data
query {
  cases(pagination: {cursor: null, limit: 10}, orderBy: {field: "updatedAt", direction: DESC}) {
    items {
      id
      caseNumber
    }
    nextCursor
    previousCursor
  }
}

test in UI

Mutations, endpoints that are used to update, create, delete
mutation($id: Int!, $input: UpdateUserInput!) {
  updateUser(id: $id, input: $input) {
      id
  }
}

test in UI

Mutations with file upload
  curl -X POST \
    https://graphql.ordrestyring.dk/graphql \
    -H 'Cache-Control: no-cache' \
    -H 'content-type: multipart/form-data;' \
    -F 'operations={"query":"mutation ($file: Upload!) {  uploadCaseDocument(input: {caseId: 10, file: $file}) {id}}","variables":{}}' \
    -F 'map={"0":["variables.file"]}' \
    -F 0=@"C:/Users/cn/Desktop/xml_with_multipage_tiff.xml" \
    -H "Authorization: Bearer lol" \
    -H "Accept: application/json" \

Error handling

An error has occurred if the returned response include an 'errors'-key.

This also applies for responses returned with status code 2**

The errors-key will include an array of errors.

{
  "errors": [
    {
      "message": "validation",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "type": "ValidationError",
      "validation": {
        "id": [
          "The selected id is invalid."
        ]
      }
    }
  ],
  "data": {
    "caseById": null
  }
}

test in UI

Rate limiting

The api is rate limited to prevent misuse.

The api will throw an error when the rate limit is reached:

{
  "errors": [
    {
      "message": "Too Many Attempts.",
      "type": "ThrottleRequestsException",
    }
  ],
  "data": null
}

The header Retry-After: will be available to inform when a new attempt can be made.

Two headers in every response will also be included to give more information about number of attempts: X-RateLimit-Limit, X-RateLimit-Remaining

Questions

Questions can be sent to api@ordrestyring.dk