Authentication

To communicate with our APIs, you will need an OAuth token with provided client ID and client secret, please contact your UnaBiz sales representative for credential creation.
UnaConnect API uses access tokens to identity the user who is performing the different queries. The access tokens that we provide are conformed to the OAuth2.0 protocol by using AWS Cognito. You will need to use the following endpoint : https://auth.unaconnect.io
For access token, you can also use the Postman json here
GraphQL Postman Collection.json
{
  "info": {
    "_postman_id": "6445bb01-0e83-45ed-af1e-166fd0ecec74",
    "name": "UnaConnect Production - GraphQL",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
    "_exporter_id": "7010645"
  },
  "item": [
    {
      "name": "Login - Get access_token",
      "request": {
        "auth": {
          "type": "basic",
          "basic": [
            {
              "key": "password",
              "value": "client_secret",
              "type": "string"
            },
            {
              "key": "username",
              "value": "client_id",
              "type": "string"
            }
          ]
        },
        "method": "POST",
        "header": [
          {
            "key": "Authorization",
            "value": "Basic XX`",
            "type": "text"
          },
          {
            "key": "Content-Type",
            "value": "application/x-www-form-urlencoded",
            "type": "text"
          }
        ],
        "url": {
          "raw": "https://auth.unaconnect.io/oauth2/token?grant_type=client_credentials",
          "protocol": "https",
          "host": ["auth", "unaconnect", "io"],
          "path": ["oauth2", "token"],
          "query": [
            {
              "key": "grant_type",
              "value": "client_credentials"
            }
          ]
        }
      },
      "response": []
    },
    {
      "name": "UnaConnect - Me Query",
      "request": {
        "auth": {
          "type": "oauth2",
          "oauth2": [
            {
              "key": "accessToken",
              "value": "acccess_token",
              "type": "string"
            },
            {
              "key": "tokenType",
              "value": "Bearer",
              "type": "string"
            },
            {
              "key": "headerPrefix",
              "value": "",
              "type": "string"
            },
            {
              "key": "addTokenTo",
              "value": "header",
              "type": "string"
            }
          ]
        },
        "method": "POST",
        "header": [],
        "body": {
          "mode": "graphql",
          "graphql": {
            "query": "query me {
  me {
    name
    email
  }
}",
            "variables": ""
          }
        },
        "url": {
          "raw": "http://graphql.unaconnect.io/",
          "protocol": "http",
          "host": ["graphql", "unaconnect", "io"],
          "path": [""]
        }
      },
      "response": []
    }
  ],
  "auth": {
    "type": "oauth2",
    "oauth2": [
      {
        "key": "accessToken",
        "value": "",
        "type": "string"
      },
      {
        "key": "headerPrefix",
        "value": "",
        "type": "string"
      },
      {
        "key": "tokenType",
        "value": "Bearer",
        "type": "string"
      },
      {
        "key": "addTokenTo",
        "value": "header",
        "type": "string"
      }
    ]
  }
}

The /oauth2/token?grant_type=client_credentials endpoint gets the user's tokens and only supports HTTPS POST.
For more information on the specification see Token Endpoint.

Authorization - MANDATORY
Base64Encode(client_id:client_secret) - If the client was issued a secret, the client must pass its client_id and client_secret in the authorization header through Basic HTTP authorization. The secret is Basic.
Content-Type - MANDATORY
Must always be application/x-www-form-urlencoded.

Request
POST https://auth.unaconnect.io/oauth2/token?grant_type=client_credentials
Content-Type='application/x-www-form-urlencoded'
Authorization= 'Basic ***iMWl0NmY2M6ajIyYTJ***:****HRjYm9yZGtucjZhZ3J***' 
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
 "access_token":"eyJz9sdfsdfsdfsd",
 "token_type":"Bearer",
 "expires_in":3600
}
It will return the access_token with its expiration date and its value. You will need to provide this access_token in the Authorization Header of your future requests.