Authenticating on Pipefy

For authentication regarding Pipefy GraphQL endpoints, you will need an OAuth2 Bearer token generated within the Pipefy platform. A user is considered authenticated once they have a valid Bearer Token.

To generate one:

Using your token to authenticate

To use your token to authenticate, you need to pass the key Authentication in the request header, with Bearer YOUR_TOKEN as the value.

Within your custom code it is necessary to manually write Bearer before adding your token, otherwise Pipefy will not be able to authenticate the user. Be sure to use the Authentication key and see examples of how to send a Bearer token in different languages. Try it and check the response, and if you see your user ID and email in the response, it means that you correctly authenticated to Pipefy.

On an API platform, like Postman or Insomnia, it is not necessary to manually write "Bearer" before your token, as the application will do it for you. Just go to the "Authorization" tab, choose "Bearer Token" as the type, and input your token as the value. See below an example on Postman.



To access a resource via API, you need to have the necessary role and permission for this resource. Click here to learn more about Company Roles and Permissions and here to learn more about Pipe Members and permissions.

Click Try It! to start a request and see the response here!