
Bearer

RBAC oriented access

Authorization: "Bearer {token}"

Bearer tokens provide a secure way to authenticate requests to resource servers. An application authenticates the user with an authorization server, receives a token, and includes that token in subsequent requests to access protected resources. Because the token represents the authenticated user, it enables fine-grained access control.

Optimizely Graph supports authorization servers that comply with the OpenID Connect (OIDC) protocol. For more information, see OpenID Connect.

This mechanism is best suited for identity-based access (JWT) and is often used with OAuth 2.0 or SSO systems.

cURL Example

curl -X POST "https://cg.optimizely.com/content/v2" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"query": "{ Product { items { name } } }"}'

JavaScript Example

// Send a GraphQL query with the JWT in the Authorization header.
// Top-level await requires an ES module or an enclosing async function.
const response = await fetch("https://cg.optimizely.com/content/v2", {
  method: "POST",
  headers: {
    "Authorization": "Bearer YOUR_JWT_TOKEN",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({ query: "{ Product { items { name } } }" }),
});

const data = await response.json();
console.log(data);
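
The following JavaScript is an added example, not Optimizely's own code: it checks a bearer JWT locally (shape, `exp`, `nbf`, HTTPS endpoint) before building the request shown above, so an expired token is caught before it is sent. The helper names, the 30-second skew, and the sample token are assumptions made for illustration; the claims are the standard JWT ones.

```javascript
// Added example: local pre-flight checks on a bearer JWT before it is sent.
const GRAPH_ENDPOINT = "https://cg.optimizely.com/content/v2"; // endpoint from this page

// Decode the payload segment of a compact JWT. The signature is NOT verified here;
// the claims are only used for local decisions. The resource server still validates.
function decodeJwtClaims(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3 || parts.some((p) => p.length === 0)) {
    throw new Error("not a compact JWT (expected three non-empty segments)");
  }
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/"); // base64url -> base64
  let claims;
  try {
    claims = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  } catch {
    throw new Error("JWT payload is not base64url-encoded JSON");
  }
  if (claims === null || typeof claims !== "object") throw new Error("JWT payload is not an object");
  return claims;
}

// Hypothetical helper: returns the arguments for fetch(), or throws before any
// request is made. `now` is in seconds; `skew` (assumed 30 s) allows for clock drift.
function buildGraphRequest(token, query, opts = {}) {
  const { now = Math.floor(Date.now() / 1000), skew = 30, endpoint = GRAPH_ENDPOINT } = opts;
  const claims = decodeJwtClaims(token);
  if (typeof claims.exp !== "number") throw new Error("token has no numeric exp claim");
  if (claims.exp <= now + skew) throw new Error("token is expired or about to expire");
  if (typeof claims.nbf === "number" && claims.nbf > now + skew) throw new Error("token is not yet valid");
  const url = new URL(endpoint);
  if (url.protocol !== "https:") throw new Error("refusing to send a bearer token without TLS");
  return {
    url: url.href,
    init: {
      method: "POST",
      headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
      body: JSON.stringify({ query }),
    },
  };
}

// Constructed sample token for offline runs: made-up claims, placeholder signature.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.c2lnbmF0dXJl`;
}
```

Pass the result to `fetch(req.url, req.init)`. The error messages never include the token, so they are safe to log.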