Last updated: 2026-04-06
Reference
GraphQL API Reference¶
Dxtra's GraphQL API provides type-safe access to privacy compliance data.
Quick Reference
Getting Started: Authentication Setup | First Request Guide
API Information¶
| Property | Value |
|---|---|
| Endpoint | https://api.dxtra.ai/v1/graphql |
| Authentication | JWT Bearer + API Role |
| Schema Introspection | Enabled |
| Real-Time Support | WebSocket subscriptions |
| Response Format | Standard GraphQL: {data: {...}} or {errors: [...]} |
Authentication Flow¶
Two-step authentication process for accessing the GraphQL API:
sequenceDiagram
participant Client as Client Application
participant Auth as auth.dxtra.ai
participant API as api.dxtra.ai/v1/graphql
Client->>Auth: 1. POST /v1/signin/pat
Note over Client,Auth: {"personalAccessToken": "dxtra_pat_..."}
Auth-->>Client: 2. Return JWT Session
Note over Auth,Client: {"session": {"accessToken": "eyJ0..."}}
Client->>API: 3. GraphQL Request
Note over Client,API: Authorization: Bearer JWT<br/>X-Hasura-Role: user
API-->>Client: 4. Data Response
Note over API,Client: {"data": {...}}Authentication Headers¶
Required Headers
Both headers are mandatory for all GraphQL API requests.
Required Authentication Headers
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9... # (1)
X-Hasura-Role: user # (2)
Content-Type: application/json # (3)
Available Roles:
| Role | Access Level | Use Case |
|---|---|---|
user | Organization data access | Standard integration and dashboard access |
me | Current user self-service | Single-user data access for authenticated users |
dataSubject | Individual privacy data | Data subject rights access |
anonymous | Public transparency portal | Customer-facing privacy features |
Core Data Types¶
Privacy data model for regulatory compliance operations:
- DataController -- Organizations managing personal data
- DataSubject -- Individuals whose data is processed
- ProcessingActivity -- Records of data processing operations
- RightsRequest -- Data subject privacy rights requests
Utility Types¶
- uuid -- Universally unique identifiers
- timestamptz -- Timezone-aware timestamps
- jsonb -- Structured JSON data
Query Examples¶
Data Subject Management¶
GraphQL
query FindDataSubject($dataSubjectId: uuid!, $dataControllerId: uuid!) {
dataSubjects(
where: {
_and: [
{ id: { _eq: $dataSubjectId } },
{ dataControllerId: { _eq: $dataControllerId } }
]
}
limit: 1
) {
id
did
dataControllerId
createdAt
updatedAt
dataProcessingActivities(
order_by: { triggeredAt: desc }
limit: 10
) {
id
typeId
triggeredAt
type {
label
comment
}
}
}
}
Processing Activity Tracking¶
GraphQL
query GetProcessingActivities(
$dataControllerId: uuid!,
$startDate: timestamptz!,
$endDate: timestamptz!,
$limit: Int = 50
) {
dataProcessingActivities(
where: {
dataSubject: { dataControllerId: { _eq: $dataControllerId } },
triggeredAt: {
_gte: $startDate,
_lte: $endDate
}
}
order_by: { triggeredAt: desc }
limit: $limit
) {
id
typeId
sourceId
triggeredAt
fieldIds
preferenceIds
dataSubject {
id
did
}
type {
label
comment
}
source {
label
}
}
processingActivityStats: dataProcessingActivitiesAggregate(
where: {
dataSubject: { dataControllerId: { _eq: $dataControllerId } },
triggeredAt: { _gte: $startDate, _lte: $endDate }
}
) {
aggregate {
count
}
}
}
Data Subject Rights¶
GraphQL
query GetRightsRequests($dataControllerId: uuid!) {
dataSubjectsRightsRequests(
where: {
dataSubject: { dataControllerId: { _eq: $dataControllerId } }
}
order_by: { createdAt: desc }
) {
id
dataSubjectId
requestType
status
description
createdAt
verified
dataSubject {
id
did
dataController {
title
}
}
}
}
Real-Time Subscriptions¶
WebSocket-based real-time updates for live privacy monitoring:
Live Activity Monitoring¶
GraphQL
subscription LiveProcessingActivities($dataControllerId: uuid!) {
dataProcessingActivities(
where: {
dataSubject: { dataControllerId: { _eq: $dataControllerId } }
}
order_by: { triggeredAt: desc }
limit: 50
) {
id
typeId
sourceId
triggeredAt
dataSubject {
id
did
}
type {
label
}
source {
label
}
}
}
Rights Request Updates¶
GraphQL
subscription RightsRequestUpdates($dataControllerId: uuid!) {
dataSubjectsRightsRequests(
where: {
dataSubject: { dataControllerId: { _eq: $dataControllerId } }
}
order_by: { createdAt: desc }
) {
id
requestType
status
createdAt
verified
dataSubject {
id
did
}
}
}
Query Patterns¶
Filtering¶
Sorting¶
Pagination¶
Error Handling¶
GraphQL error handling for robust integrations:
JSON
{
"errors": [
{
"message": "Could not verify JWT: JWTExpired",
"extensions": {
"code": "access-denied",
"path": "$"
}
}
]
}
Resolution: Refresh JWT token using authentication endpoint.
Schema Exploration¶
Schema Introspection¶
Explore the complete Dxtra privacy schema using GraphQL introspection:
GraphQL
query IntrospectionQuery {
__schema {
types {
name
description
kind
fields {
name
type {
name
kind
}
}
}
queryType {
name
fields {
name
description
}
}
mutationType {
name
fields {
name
description
}
}
}
}
Recommended GraphQL Clients¶
- GraphiQL -- Browser IDE with auto-completion and schema documentation
- Altair GraphQL -- Desktop application with multi-environment support
- Apollo Studio -- Enterprise GraphQL platform with schema registry
Best Practices¶
Performance¶
- Use specific field selection -- only request needed data
- Implement proper pagination for large datasets
- Cache frequently accessed data appropriately
Security¶
- Always include proper authentication headers
- Validate user permissions for data access
- Use parameterized queries to prevent injection
Error Handling¶
- GraphQL responses use standard format with
dataanderrorsfields - Check for
errorsarray in all responses - Handle network timeouts with retry logic
Response Format
Dxtra's GraphQL API follows standard GraphQL conventions. Responses contain either {data: {...}} for success or {errors: [...]} for failures. Some GraphQL actions return their own response structures within the data field -- check the Actions Reference for action-specific response formats.
Command Line Examples¶
Bash
# Configuration
API_KEY="your_dxtra_api_key_here"
AUTH_URL="https://auth.dxtra.ai/v1/signin/pat"
GRAPHQL_URL="https://api.dxtra.ai/v1/graphql"
# Get JWT token
JWT_TOKEN=$(curl -s -X POST "$AUTH_URL" \
-H "Content-Type: application/json" \
-d "{\"personalAccessToken\":\"$API_KEY\"}" \
| jq -r '.session.accessToken')
# GraphQL query
curl -X POST "$GRAPHQL_URL" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $JWT_TOKEN" \
-H "X-Hasura-Role: user" \
-d '{"query": "query { dataControllers { id title did createdAt } }"}' \
| jq '.'
Bash
# Authentication
JWT_RESPONSE=$(http POST https://auth.dxtra.ai/v1/signin/pat \
personalAccessToken="$DXTRA_API_KEY")
JWT_TOKEN=$(echo "$JWT_RESPONSE" | jq -r '.session.accessToken')
# GraphQL Query
http POST https://api.dxtra.ai/v1/graphql \
Authorization:"Bearer $JWT_TOKEN" \
X-Hasura-Role:user \
query='query { dataControllers { id title did createdAt } }'
Getting Started Checklist¶
- Active Dxtra account with API access
- API key generated via Developers page
- GraphQL client installed (GraphiQL, Altair, or preferred tool)
- Network access verified to
api.dxtra.aiandauth.dxtra.ai
For the most up-to-date schema information, always use GraphQL introspection or refer to your GraphQL client's built-in documentation features.