Quick Start 5 min
Make your first WorkAxle API call against staging in about five minutes. By the end, you'll have run a GraphQL query and you'll know where to go next to explore the full surface interactively.
Prerequisites
You need three things:
- A staging account. Contact your WorkAxle account team or partnership manager — there is no self-serve sandbox today.
- Auth0 credentials — a client ID and client secret tied to your staging account. The Authentication page covers how those are issued.
- A terminal with
curlinstalled. Everything below usescurlso it copy-pastes anywhere.
You don't need to install anything from WorkAxle. There's no SDK to download.
Step 1 — Get an access token
Exchange your Auth0 credentials for a bearer token. The token is short-lived (typically one hour) and goes on every subsequent request.
## exchange client credentials for a bearer token
curl -X POST 'https://workaxle-staging.us.auth0.com/oauth/token' \
-H 'Content-Type: application/json' \
-d '{
"grant_type": "client_credentials",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"audience": "https://api.staging.workaxle.com/v1"
}'
The audience is a fixed Auth0 API identifier — the same value for every surface (REST and both GraphQL schemas authenticate with one token). Its /v1 suffix is not an API route and is unrelated to API versioning: REST endpoints live under /api/v1/, GraphQL under /v2/..., but both are called with this single https://api.staging.workaxle.com/v1 audience token.
{
"access_token": "eyJhbGciOiJSUzI1NiIs...",
"token_type": "Bearer",
"expires_in": 3600
}
Copy the access_token — you'll use it as $TOKEN below.
Step 2 — Run your first query
Ask the API who you are. The me query is the simplest authenticated call: it confirms your token works and returns your user record.
curl -X POST 'https://api.staging.workaxle.com/v2/graphql' \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-d '{
"query": "query Me { me { id profile { firstName lastName email } } }"
}'
{
"data": {
"me": {
"id": "...",
"profile": {
"firstName": "Alex",
"lastName": "Doe",
"email": "alex@example.com"
}
}
}
}
That's it — you've made an authenticated GraphQL call against WorkAxle.
What if it didn't work?
| Response | Likely cause | Fix |
|---|---|---|
401 Unauthorized | Token missing, expired, or malformed | Re-run Step 1; copy the full access_token value |
403 Forbidden | Token valid but lacks the required scope | Check that your client is authorized for the App schema |
errors: [...] | Field name or nesting differs from this example | Open GraphiQL (Step 3) and explore the actual schema |
| Network error / 502 | Staging temporarily unavailable | Retry in a few minutes |
Step 3 — Explore interactively
The fastest way to learn the rest of the surface is to open the live GraphQL explorer. WorkAxle ships a built-in GraphiQL IDE on each schema endpoint:
App schema
User-facing operations, real-time mutations, single-record reads.
Open GraphiQL →Integration schema
Bulk import/export, partner connectors, scheduled syncs.
Open GraphiQL →Open the Headers tab at the bottom of the query pane and add Authorization: Bearer <your_token>. Queries without the header are accepted as anonymous (introspection works) but mutations and protected fields will fail.