1. First you need to create a credential that you want to use in your campaign. Please contact the galaxy BD team if you have no access/experience with galaxy dashboard before, they will help you to walk through the concepts of Galxe dashboard and give you access.
  2. Then you will need an access token bound to your wallet address to use this API. Please go to the Galxe user setting page to generate an access token.
  3. We’ll check if the access token in the request is valid. First, we’ll find the address bound to the access token and the space to which the requested credential belongs in the request. Then, we’ll verify if the address has permission to access that space. Therefore, please ensure that your wallet address has the necessary permissions to access the space to which the cred belongs. Typically, this would be the space’s owner or admin. You can follow these steps to add an address as a space admin:
    1. Log in to Galxe using the space owner’s address.
    2. Navigate to the Settings page in the left sidebar of the space details page.
    3. Click on the “Accounts” tab in the Settings page.
    4. Click on “Add new member”.

NOTEGalxe backend has a rate litmit. If request volume is large, please contact us with your external IP so that we can put you on the whitelist. Otherwise, you will encounter 403 error when rate limit is reached.



  1. (header, string, mandatory) access-token: use to auth if you have access to update credential items, the user with this access token must be the credential curator
  2. (int, mandatory) credId: the credential id you want to update
  3. (enum string, mandatory) operation:
    1. APPEND, append items in the list.
    2. REPLACE (use only when there is very little addresses in total, e.g., less than 500), remove all items and replace them with items in the list. This operation is not transactional, so DO NOT use if you have a long list of addresses. It is recommended to call REMOVE first then use APPEND.
    3. REMOVE, remove items from the list.
  4. (string array, mandatory) items: items list(address or email) to be modified, refer to operation. The length of array must not exceed 500.

NOTE: Always retry when any error is returned. See below example of how to check both GraphQL and HTTP errors. APPEND and REMOVE are re-entrant, so it is ok to just send the query again. REPLACE is not recommended to use.


mutation {
    input: {
      credId: "312"
      operation: APPEND
      items: [
  ) {



const credId = "123";
const operation = "APPEND";
const items = ["0x123"];

// Nodejs using Axios lib
let result = await"", {
  operationName: "credentialItems",
  query: `
    mutation credentialItems($credId: ID!, $operation: Operation!, $items: [String!]!) 
        credentialItems(input: { 
          credId: $credId 
          operation: $operation 
          items: $items 
    variables: {
      // Make sure this is string type as int might cause overflow
      credId: credId,
      operation: operation,
      items: items
    headers: {
      "access-token": "access-token-of-yours",
if (result.status != 200) {
  throw new Error(result);
} else if (result.errors && result.errors.length > 0) {
  // NOTE: GraphQL returns 200 even if there's an error,
  // so must explicitly check result.errors.
  throw new Error(result.errors);