Authentication

All GraphQL requests require a valid JWT (JSON Web Token) for both authentication and authorization:

1. Use your Platform user name or API token and an account ID associated with an active Platform account to send a GET request to https://api.boomi.com/auth/jwt/generate/account ID with Basic Authentication. This returns a JWT in the response. Include X-Boomi-OTP=<token> in the header.

   You can use either username+password+MFA+account ID or just the API Token + account ID to get the JWT Token.

   • Username and password are for basic authentication

   • MFA format: X-Boomi-OTP:<value> in the header

   • Account ID is in the endpoint

   • API Token format: You can use basic authentication - username = BOOMI_TOKEN.<username>@<email.com> and password = API Token value

2. Use the JWT with Bearer Authentication (add a header to your http request with name Authorization and value Bearer <JWT\>) for all requests to https://api.boomi.com/graphql.

The JWT token expires every five minutes. You must then obtain a new JWT token.