
Bearer

RBAC oriented access

Bearer tokens provide a secure way to authenticate requests to resource servers and enable identity-based access control in Optimizely Graph. An application authenticates the user with an authorization server, receives a token, and includes that token in subsequent requests to access protected resources. Because the token represents the authenticated user, it supports fine-grained access decisions per request.

Include the token in the Authorization header using the following format:

Authorization: Bearer TOKEN

Optimizely Graph supports authorization servers that comply with the OpenID Connect (OIDC) protocol. For more information, see OpenID Connect.

Use Bearer authentication for identity-based access with JSON Web Tokens (JWT), typically alongside OAuth 2.0 or single sign-on (SSO) systems.

Request examples

The following snippets show how to call the Optimizely Graph endpoint with a JWT bearer token from common client environments.

cURL example

Use this curl command to send a GraphQL query authenticated with a JWT bearer token.

curl -X POST "https://cg.optimizely.com/content/v2" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"query": "{ Product { items { name } } }"}'

JavaScript example

Use the following JavaScript snippet to call the same endpoint with the Fetch API.

const response = await fetch("https://cg.optimizely.com/content/v2", {
  method: "POST",
  headers: {
    "Authorization": "Bearer YOUR_JWT_TOKEN",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({ query: "{ Product { items { name } } }" }),
});

const data = await response.json();
console.log(data);
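
The snippets above hardcode the token. As an added example (not Optimizely code), the following Node.js sketch checks a JWT's shape and `exp` claim before building the same request. The function names, the 30-second skew, and the choice to treat a missing `exp` as expired are assumptions of this example, and the client-side decode does not verify the signature, which remains the resource server's job.

```javascript
const GRAPH_ENDPOINT = "https://cg.optimizely.com/content/v2"; // endpoint from the page

// Decode the payload (second segment) of a compact JWT. No signature check here.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  // Three non-empty base64url segments; also rejects whitespace and CR/LF,
  // so a malformed value can never reach the Authorization header.
  if (parts.length !== 3 || parts.some((p) => !/^[A-Za-z0-9_-]+$/.test(p))) {
    throw new Error("not a compact JWT (expected three base64url segments)");
  }
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// True when exp is missing (assumed policy) or within skewSeconds of expiring.
function isExpired(token, nowSeconds = Math.floor(Date.now() / 1000), skewSeconds = 30) {
  const { exp } = decodeJwtPayload(token);
  return typeof exp !== "number" || exp - skewSeconds <= nowSeconds;
}

// Build the fetch() options for a GraphQL query, refusing unusable tokens.
function buildGraphRequest(token, query, nowSeconds) {
  if (isExpired(token, nowSeconds)) {
    throw new Error("token expired or missing exp; get a new one from the authorization server");
  }
  return {
    method: "POST",
    headers: {
      Authorization: `Bearer ${token}`,
      "Content-Type": "application/json",
    },
    body: JSON.stringify({ query }),
  };
}

// Constructed sample token with a placeholder signature, for demonstration only.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.c2lnbmF0dXJl`;
}

// Usage: const res = await fetch(GRAPH_ENDPOINT, buildGraphRequest(token, query));
```

Read the token from the session or a secret store at call time rather than embedding it in source, and treat a 401 response as the signal to re-authenticate.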