In this article:
Thinkific's GraphQL API uses two different authorization methods:
- The API Access Token Authorization method for private applications (intended only for use for single account use)
- The OAuth Authorization method for public applications (intended for use with apps listed on the Thinkific App Store)
API Access Token Authorization
You can create a Thinkific API Access Token through your account's Thinkific Admin Panel.
How do I create an API Access Token?
- In your Thinkific account, click on Settings
- Click on the Code & Analytics tab
- Under API Access Tokens click "Add API Access Token"
- Give the token an identifiable name
- Select an expiry method
- Click "Save"
After clicking SAVE, you’ll be presented with your token once and only once. Please copy this and store it somewhere safe.
NOTE: Please ensure that you follow industry best practices for storing and using your API Access Token safely. If you are not confident that you can securely manage your API Access Tokens, we strongly recommend using a shorter expiration time.
How do I make requests using my API Access Token?
Once you have your access token, you can make requests to the Graph by adding it as an Authorization header in your requests (replace <token> with your copied token value):
| Header Name | Header Value |
| Authorization | Bearer <token> |
How do I revoke an API Access Token?
- In your Thinkific account, click on Settings
- Click on the Code & Analytics tab
- Click "Remove" next to the token you'd like to delete
OAuth Authorization
If you intend to use GraphQL for an app listed on the Thinkific App Store you can authorize GraphQL using OAuth.