Requests to the GraphQL API endpoints are authenticated using the Authorization header of the HTTP request which should contain an access token.

For example:

curl -X POST 'https://api.ideavate.co/v1/graphql' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: ${token type} ${access token}' \
  -d '{"query":"{ getAuthorisedUser { scope } }"}'

Depending on the client application architecture, a number of different mechanisms for issuing access tokens are supported.