Skip to main content
mutation LoginViaPersonalApiToken($apiKey: String!) {
  loginViaPersonalApiToken(token: $apiKey) {
    accessToken
  }
}

Arguments

apiKey
String!
required
Your API key provided by Filed.

Returns

accessToken
String!
Bearer token for API authentication. Use this token in the Authorization header for all subsequent requests.Format: Authorization: Bearer <accessToken>All API requests, including the login request, should include a source-platform header with your platform identifier (e.g., tax-firm-a, my-sample-platform, qount). This header is used to uniquely identify API requests for analytical purposes and does not affect rate limits or any other API functionality.
For partner API keys, the access token provides access to all workspaces created by that partner. You can use the same access token to call APIs against any workspace you’ve created, allowing you to manage multiple tax firm customers from a single authenticated session.

Example

curl -X POST https://gateway.filed.com/graphql \
  -H "Content-Type: application/json" \
  -H "source-platform: my-sample-platform" \
  -d '{
    "query": "mutation LoginViaPersonalApiToken($apiKey: String!) { loginViaPersonalApiToken(token: $apiKey) { accessToken } }",
    "variables": {
      "apiKey": "your-api-key-here"
    }
  }'

{
  "data": {
    "loginViaPersonalApiToken": {
      "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
    }
  }
}
Store the accessToken securely and use it in the Authorization header for all subsequent requests. Access tokens are valid for a limited time; implement token refresh logic as needed. Remember to include the source-platform header in all API requests, including the login request.

Troubleshooting

Problem: loginViaPersonalApiToken returns an error Solutions:
  • Verify your API key is correct and hasn’t expired
  • Check that you’re using the correct GraphQL endpoint: https://gateway.filed.com/graphql
  • Ensure your partner account is active