Authentication - Slash graphql

All the APIs documented here require an API token for access. A new API token can be generated from Slash GraphQL by selecting the “Settings” button from the sidebar, then clicking the Add API Key button. Keep your API key safe, it will not be accessible once you leave the page.

All admin API requests must be authenticated by passing the API token as the ‘X-Auth-Token’ header to every HTTP request. You can verify that your API token works by using the following HTTP example.

curl 'https://<your-backend>/admin' \
  -H 'X-Auth-Token: <your-token>' \
  -H 'Content-Type: application/json' \
  --data-binary '{"query":"{ getGQLSchema { schema } }"}'

This is a companion discussion topic for the original entry at https://dgraph.io/docs/slash-graphql/admin/authentication/