Authentication

Get Your Access Token

Login to Galxe - Visit dashboard.galxe.com
Open Settings - Click your Account → Settings
API Access - Navigate to “Server API” section
Generate Token - Click “Generate New API Tokens”
Copy Token - Save the token securely (you can’t view it again)

Using the Token

Include your token in the access-token header:

curl -X POST https://graphigo-business.prd.galaxy.eco/query \
  -H "Content-Type: application/json" \
  -H "access-token: YOUR_ACCESS_TOKEN" \
  -d '{"query": "query { __typename }"}'

Security Best Practices

Environment Variables

# .env file
GALXE_ACCESS_TOKEN=your_token_here

// JavaScript
const accessToken = process.env.GALXE_ACCESS_TOKEN;

# Python
import os
access_token = os.getenv('GALXE_ACCESS_TOKEN')

Production Deployment

Use secret management systems (AWS Secrets Manager, HashiCorp Vault)
Never commit tokens to version control
Rotate tokens regularly
Use environment-specific tokens

Common Issues

Invalid Token

{
  "errors": [{
    "message": "Invalid access token: invalid token",
    "extensions": {
      "code": "INVALID_TOKEN",
      "category": "AUTHENTICATION",
      "http_status": 401,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z"
    }
  }]
}

Solution: Regenerate token in dashboard settings

Missing Header

{
  "errors": [{
    "message": "Access token is required",
    "extensions": {
      "code": "TOKEN_REQUIRED",
      "category": "AUTHENTICATION",
      "http_status": 401,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z"
    }
  }]
}

Solution: Add access-token header to request

Rate Limiting

{
  "errors": [{
    "message": "API quota exceeded: daily limit reached",
    "extensions": {
      "code": "QUOTA_EXCEEDED",
      "category": "RATE_LIMIT",
      "http_status": 429,
      "request_id": "req_123456789",
      "timestamp": "2024-01-01T00:00:00Z",
      "details": ["quota_type: daily", "limit: 1000"]
    }
  }]
}

Solution: Implement exponential backoff retry logic

Error Response Format

All GraphQL errors follow a standardized format with additional metadata:

{
  "errors": [{
    "message": "Human-readable error message",
    "extensions": {
      "code": "ERROR_CODE",           // Machine-readable error code
      "category": "ERROR_CATEGORY",   // Error classification
      "http_status": 400,             // Corresponding HTTP status
      "request_id": "req_xxx",        // Request tracking ID
      "timestamp": "2024-01-01T00:00:00Z",
      "details": ["additional", "context"],  // Optional details array
      "context": {                    // Optional context object
        "field": "value"
      }
    }
  }]
}

Error Codes and Categories

Code	Category	HTTP Status	Description
`TOKEN_REQUIRED`	`AUTHENTICATION`	401	Access token missing
`INVALID_TOKEN`	`AUTHENTICATION`	401	Access token invalid
`QUOTA_EXCEEDED`	`RATE_LIMIT`	429	API quota exceeded
`PERMISSION_DENIED`	`AUTHORIZATION`	403	Insufficient permissions
`NOT_FOUND`	`NOT_FOUND`	404	Resource not found
`INVALID_ARGUMENT`	`VALIDATION`	400	Invalid input parameters

Next Steps

Quick Start - Test your token
Common Patterns - Integration patterns
Rate Limits - API limits and optimization

Getting Started

Integration Guides

API Reference

Resources

Get Your Access Token

Using the Token

Security Best Practices

Environment Variables

Production Deployment

Common Issues

Invalid Token

Missing Header

Rate Limiting

Error Response Format

Error Codes and Categories

Next Steps

Getting Started

Integration Guides

API Reference

Resources

​Get Your Access Token

​Using the Token

​Security Best Practices

​Environment Variables

​Production Deployment

​Common Issues

​Invalid Token

​Missing Header

​Rate Limiting

​Error Response Format

​Error Codes and Categories

​Next Steps

Get Your Access Token

Using the Token

Security Best Practices

Environment Variables

Production Deployment

Common Issues

Invalid Token

Missing Header

Rate Limiting

Error Response Format

Error Codes and Categories

Next Steps