[GH-ISSUE #375] Are there any documents for getting a token for GraphQL programmatically? #143

Closed
opened 2026-02-27 08:15:30 +03:00 by kerem · 4 comments

Originally created by @leopku on GitHub (Nov 23, 2022).
Original GitHub issue: https://github.com/lldap/lldap/issues/375

I want to write an app backend with lldap, but I'm having trouble with how to get a token to access the GraphQL endpoint.

Any advice?

kerem closed this issue 2026-02-27 08:15:30 +03:00

@nitnelave commented on GitHub (Nov 23, 2022):

Hmm, the doc is definitely missing. Unless you're writing your app in Rust (in which case you can use the `lldap_auth` crate, and I might have to publish it), it's going to be hard to use the OPAQUE protocol to log in (not stabilized yet, and we use a somewhat old version).

Thankfully, there's a more classical way forward: You can send a JSON POST request to `/auth/simple/login` with `{"username": "john", "password": "1234"}` in the body.
In the response, you'll have 2 http-only cookies (the JWT and the refresh token, valid longer), and they will also be in the response. The JWT is valid for a day, but within 30 days you can just call `/auth/refresh` and the refresh cookie will be enough to identify you.

The JWT is then used for identifying other requests, either through a cookie or through a Bearer Authorization header.
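
The flow described in the comment above, as an added Python example that is not part of the thread or of the lldap project's code: it logs in through `/auth/simple/login`, lets an in-memory cookie jar carry the JWT and refresh cookies, and calls `/auth/refresh` when a request is rejected. The class name, the `/api/graphql` path, the use of GET for the refresh call and the 401 status for an expired JWT are assumptions that the thread does not state.

```python
import json
import urllib.error
import urllib.request
from http.cookiejar import CookieJar
from urllib.parse import urlsplit

GRAPHQL_PATH = "/api/graphql"  # assumption: GraphQL endpoint path, not given in the thread


class LldapSession:
    """Cookie-based session for the simple login flow (hypothetical helper)."""

    def __init__(self, base_url, username, password):
        # The password travels in the JSON body, so plain HTTP is allowed on loopback only.
        url = urlsplit(base_url)
        if url.scheme != "https" and url.hostname not in ("127.0.0.1", "localhost"):
            raise ValueError("use https:// for anything that is not loopback")
        self.base_url = base_url.rstrip("/")
        self._creds = {"username": username, "password": password}
        # The jar keeps both http-only cookies (JWT and refresh token) in memory only.
        self._opener = urllib.request.build_opener(
            urllib.request.HTTPCookieProcessor(CookieJar()))

    def _call(self, path, payload=None):
        # POST when there is a JSON payload, GET otherwise.
        data = None if payload is None else json.dumps(payload).encode()
        req = urllib.request.Request(self.base_url + path, data=data,
                                     headers={"Content-Type": "application/json"})
        with self._opener.open(req, timeout=10) as resp:
            body = resp.read()
        return json.loads(body) if body else None

    def login(self):
        self._call("/auth/simple/login", self._creds)

    def graphql(self, query, variables=None):
        """Run a query; on 401 try /auth/refresh, then a full login, and retry once."""
        payload = {"query": query, "variables": variables or {}}
        try:
            return self._call(GRAPHQL_PATH, payload)
        except urllib.error.HTTPError as err:
            if err.code != 401:  # assumption: a missing or expired JWT yields 401
                raise
        try:
            self._call("/auth/refresh")  # assumption: GET; the refresh cookie identifies us
        except urllib.error.HTTPError:
            self.login()  # no refresh cookie yet, or it is older than 30 days
        return self._call(GRAPHQL_PATH, payload)
```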


@leopku commented on GitHub (Nov 23, 2022):

@nitnelave Your reply really helped me. Thanks a lot.


@nitnelave commented on GitHub (Nov 23, 2022):

I'm looking forward to your app, I hope you'll share it!

If you want to write the authentication part in a doc somewhere, that would be helpful.

Also, BTW: I'm working on a somewhat big feature (https://github.com/nitnelave/lldap/issues/67) that'll change the API, including extending GraphQL. It'll be backwards-compatible, but you might be interested in supporting it once it's released (not quite for right now though).


@leopku commented on GitHub (Dec 4, 2022):

My app hasn't started yet.

I can write and share a small demo app for your advice.
