Authentication
Generating an API token
You can generate API tokens for the Worksome API via our authentication platform, Authsome.
You can view your existing tokens, as well as create new ones, from the dashboard.
The API token is in JWT format, with a registered list of scopes. When generating your API token, by default it will include access to all account scopes that your authenticated user has access to (e.g. company:123
).
Authenticating with the API
All API calls that require authentication must provide a standard Authorization
header using the Bearer
authentication scheme.
To make a test request via curl, run the command below with your token:
curl -H "Authorization: Bearer ${WORKSOME_API_TOKEN}" -X POST -d " \
{ \
\"query\": \"query { profile { name }}\" \
} \
" https://api.worksome.com/graphql
The string value of “query” must escape newline characters or the schema will not parse it properly. For the POST body, use outer double quotes and escaped inner double quotes.
Token expiration
By default, generated API tokens are valid for a year from creation. Upon reaching your token’s expiration date, the token is automatically revoked.
Revoking a token
Tokens can be manually revoked via the Authsome dashboard. This is useful for when the token is no longer necessary, or for security purposes.