Documentation
Login

Public API

GRAX's public API documentation is available here; a private version is available on your own GRAX deployment under /scalar (for example https://my-deployment-02.secure.grax.io/scalar).

The OpenAPI specification is at the /api/spec/grax.json endpoint, for example https://my-deployment-02.secure.grax.io/api/spec/grax.json.

GRAX API tokens are created in the GRAX Application's Settings page. Under API Tokens. Admin users can create new tokens with scopes like:

  • GRAX Admin
  • Power User
  • Purge User
  • Sandbox Seeding User

For security reasons you can not access the plain text token after initial creation. Instead, you can only generate a new token and revoke old ones.

Some fundamental API troubleshooting steps are described below. Please exhaust these steps before contacting GRAX Support. Details about API support requests can be found at the bottom.

My API request returned a 401 status code

A 401 status code indicates that the API request was incorrectly authenticated. This can happen for a number of reasons:

  1. The API token was not included in the request
  2. The headers used for API tokens are incorrect/mistyped
  3. The API token is incorrect

The GRAX API tokens are available in the GRAX Application's Settings page. Under API Tokens. They should be placed in request headers, like:

Authorization: Bearer <API TOKEN>

My failing API request includes parameter references

Make sure that any response being sent has correctly replaced any parameter references such as {{org_id}} that may have been included in documentation. Copying variable references that are not replaced is a common mistake.

Getting Help with the API

⚠️

Do not transmit secret values

GRAX Support does not require the specific secret values of your API tokens to assist with troubleshooting. Please do not transmit these values to GRAX Support. Redact such values in place whenever sending request/response examples.

If none of the above steps have resolved the issue, please contact GRAX Support and include the following information:

  1. What client is being used? (Salesforce Apex, Postman, Python, Go, etc.)
  2. What is the entire request being sent? (Method, URL, Body, Headers, etc.)
  3. What is the entire response being received? (Status Code, Body, Headers, Duration, etc.)
  4. What was the expected response?
  5. A screenshot of the client sending the request and surrounding context (request construction, configuration, etc.)
  6. The URL of the GRAX environment being targeted

Updated about 21 hours ago