Skip to main content

Get Your Access Token

  1. Login to Galxe - Visit dashboard.galxe.com
  2. Open Settings - Click your Account → Settings
  3. API Access - Navigate to “Server API” section
  4. Generate Token - Click “Generate New API Tokens”
  5. Copy Token - Save the token securely (you can’t view it again)

Using the Token

Include your token in the access-token header: 
curl -X POST https://graphigo-business.prd.galaxy.eco/query \
  -H "Content-Type: application/json" \
  -H "access-token: YOUR_ACCESS_TOKEN" \
  -d '{"query": "query { __typename }"}'

Security Best Practices

Environment Variables

# .env file
GALXE_ACCESS_TOKEN=your_token_here

// JavaScript
const accessToken = process.env.GALXE_ACCESS_TOKEN;

# Python
import os
access_token = os.getenv('GALXE_ACCESS_TOKEN')

Production Deployment

  • Use secret management systems (AWS Secrets Manager, HashiCorp Vault)
  • Never commit tokens to version control
  • Rotate tokens regularly
  • Use environment-specific tokens

Common Issues

Invalid Token

{
  "errors": [{
    "message": "Invalid access token: invalid token",
    "extensions": {
      "code": "INVALID_TOKEN",
      "category": "AUTHENTICATION",
      "http_status": 401,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z"
    }
  }]
}
Solution: Regenerate token in dashboard settings

Missing Header

{
  "errors": [{
    "message": "Access token is required",
    "extensions": {
      "code": "TOKEN_REQUIRED",
      "category": "AUTHENTICATION",
      "http_status": 401,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z"
    }
  }]
}
Solution: Add access-token header to request

Rate Limiting

{
  "errors": [{
    "message": "API quota exceeded: daily limit reached",
    "extensions": {
      "code": "QUOTA_EXCEEDED",
      "category": "RATE_LIMIT",
      "http_status": 429,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z",
      "details": ["quota_type: daily", "limit: 1000"]
    }
  }]
}
Solution: Implement exponential backoff retry logic

Error Response Format

All GraphQL errors follow a standardized format with additional metadata: 
{
  "errors": [{
    "message": "Human-readable error message",
    "extensions": {
      "code": "ERROR_CODE",           // Machine-readable error code
      "category": "ERROR_CATEGORY",   // Error classification
      "http_status": 400,             // Corresponding HTTP status
      "request_id": "req_xxx",        // Request tracking ID
      "timestamp": "2024-01-01T00:00:00Z",
      "details": ["additional", "context"],  // Optional details array
      "context": {                    // Optional context object
        "field": "value"
      }
    }
  }]
}

Error Codes and Categories

CodeCategoryHTTP StatusDescription
TOKEN_REQUIREDAUTHENTICATION401Access token missing
INVALID_TOKENAUTHENTICATION401Access token invalid
QUOTA_EXCEEDEDRATE_LIMIT429API quota exceeded
PERMISSION_DENIEDAUTHORIZATION403Insufficient permissions
NOT_FOUNDNOT_FOUND404Resource not found
INVALID_ARGUMENTVALIDATION400Invalid input parameters

Next Steps

I