Management API (GraphQL)
Last updated
Last updated
For any other CRUD operations, a GraphQL API is provided.
The GraphQL API endpoint is https://{tenant_id}.api.quasr.io/graphql
The Management API allows to create, read, update, delete the following entities:
accounts
controls
consents
permissions
rules
factors
enrollments
extensions
tenants
events
You can grab your personal access token from the Tenant Administration > APIs, as shown in the screenshot below. Do not share the personal access token with anyone.
createTenant
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/tenants https://api.quasr.io/scopes/account/tenants/create
Root user
updateTenant
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/tenants https://api.quasr.io/scopes/account/tenants/update
Root user
updateTenant
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/tenants https://api.quasr.io/scopes/admin/tenants/update
Tenant admin
deleteTenant
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/tenants https://api.quasr.io/scopes/account/tenants/delete
Root user
createFactor
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/factors https://api.quasr.io/scopes/admin/factors/create
Tenant admin
updateFactor
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/factors https://api.quasr.io/scopes/admin/factors/update
Tenant admin
deleteFactor
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/factors https://api.quasr.io/scopes/admin/factors/delete
Tenant admin
createAttribute
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/attributes https://api.quasr.io/scopes/admin/attributes/create
Tenant admin
updateAttribute
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/attributes https://api.quasr.io/scopes/admin/attributes/update
Tenant admin
deleteAttribute
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/attributes https://api.quasr.io/scopes/admin/attributes/delete
Tenant admin
createControl
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/controls https://api.quasr.io/scopes/admin/controls/create
Tenant admin
updateControl
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/controls https://api.quasr.io/scopes/admin/controls/update
Tenant admin
deleteControl
ttps://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/controls https://api.quasr.io/scopes/admin/controls/delete
Tenant admin
createAccount
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/accounts https://api.quasr.io/scopes/admin/accounts/create
Tenant admin
updateAccount
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/accounts https://api.quasr.io/scopes/admin/accounts/update
Tenant admin
deleteAccount
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/accounts https://api.quasr.io/scopes/admin/accounts/delete
Tenant admin
createExtension
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/extensions https://api.quasr.io/scopes/admin/extensions/create
Tenant admin
updateExtension
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/extensions https://api.quasr.io/scopes/admin/extensions/update
Tenant admin
deleteExtension
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/extensions https://api.quasr.io/scopes/admin/extensions/delete
Tenant admin
createClaim
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/create
Tenant admin
createClaim
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/claims https://api.quasr.io/scopes/account/claims/create
Account
updateClaim
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/update
Tenant admin
updateClaim
ttps://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/claims https://api.quasr.io/scopes/account/claims/update
Account
deleteClaim
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/delete
Tenant admin
deleteClaim
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/claims https://api.quasr.io/scopes/account/claims/delete
Account
createEnrollment
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/enrollments https://api.quasr.io/scopes/admin/enrollments/create
Tenant admin (only internal accounts)
createEnrollment
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/enrollments https://api.quasr.io/scopes/account/enrollments/create
Account
updateEnrollment
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/enrollments https://api.quasr.io/scopes/admin/enrollments/update
Tenant admin (only disable for internal accounts)
updateEnrollment
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/enrollments https://api.quasr.io/scopes/account/enrollments/update
Account
deleteEnrollment
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/enrollments https://api.quasr.io/scopes/admin/enrollments/delete
Tenant admin (only internal accounts)
deleteEnrollment
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/enrollments https://api.quasr.io/scopes/account/enrollments/delete
Account
updateConsent
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/consents https://api.quasr.io/scopes/admin/consents/update
Tenant admin
updateConsent
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/consents https://api.quasr.io/scopes/admin/consents/update
Account
createPermission
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/permissions https://api.quasr.io/scopes/admin/permissions/create
Tenant admin
updatePermission
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/permissions https://api.quasr.io/scopes/admin/permissions/update
Tenant admin
deletePermission
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/permissions https://api.quasr.io/scopes/admin/permissions/delete
Tenant admin
createRule
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/rules https://api.quasr.io/scopes/admin/rules/create
Tenant admin
updateRule
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/rules https://api.quasr.io/scopes/admin/rules/update
Tenant admin
deleteRule
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/rules https://api.quasr.io/scopes/admin/rules/delete
Tenant admin
createSource
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/sources https://api.quasr.io/scopes/admin/sources/create
Tenant admin
updateSource
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/sources https://api.quasr.io/scopes/admin/sources/update
Tenant admin
deleteSource
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/sources https://api.quasr.io/scopes/admin/sources/delete
Tenant admin
getTenant
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/tenants https://api.quasr.io/scopes/account/tenants/get
Root user
getTenant
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/tenants https://api.quasr.io/scopes/admin/tenants/get
Tenant admin
listTenants
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/tenants https://api.quasr.io/scopes/account/tenants/list
Root user
getFactor
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/factors https://api.quasr.io/scopes/admin/factors/get
Tenant admin
listFactors
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/factors https://api.quasr.io/scopes/admin/factors/list
Tenant admin
getAttribute
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/attributes https://api.quasr.io/scopes/admin/attributes/get
Tenant admin
listAttributes
ps://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/attributes https://api.quasr.io/scopes/admin/attributes/list
Tenant admin
getControl
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/controls https://api.quasr.io/scopes/admin/controls/get
Tenant admin
listControls
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/controls https://api.quasr.io/scopes/admin/controls/list
Tenant admin
getAccount
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/accounts https://api.quasr.io/scopes/admin/accounts/get
Tenant admin
getAccount
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/get
Account
listAccounts
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/accounts https://api.quasr.io/scopes/admin/accounts/list
Tenant admin
getExtension
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/extensions https://api.quasr.io/scopes/admin/extensions/get
Tenant admin
listExtensions
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/extensions https://api.quasr.io/scopes/admin/extensions/list
Tenant admin
getClaim
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/get
Tenant admin
getClaim
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/claims https://api.quasr.io/scopes/account/claims/get
Account
listClaims
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/list
Tenant admin (only per account)
listClaims
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/claims https://api.quasr.io/scopes/account/claims/list
Account
searchClaims
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/claims https://api.quasr.io/scopes/admin/claims/search
Tenant admin (only min. 2 characters)
getEnrollment
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/enrollments https://api.quasr.io/scopes/admin/enrollments/get
Tenant admin
getEnrollment
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/enrollments https://api.quasr.io/scopes/account/enrollments/get
Account
listEnrollments
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/enrollments https://api.quasr.io/scopes/admin/enrollments/list
Tenant admin
listEnrollments
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/enrollments https://api.quasr.io/scopes/account/enrollments/list
Account
getConsent
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/consents https://api.quasr.io/scopes/admin/consents/get
Tenant admin
getConsent
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/consents https://api.quasr.io/scopes/account/consents/get
Account
listConsents
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/consents https://api.quasr.io/scopes/admin/consents/list
Tenant admin
listConsents
https://api.quasr.io/scopes/account
https://api.quasr.io/scopes/account/consents https://api.quasr.io/scopes/account/consents/list
Account
getPermission
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/permissions https://api.quasr.io/scopes/admin/permissions/get
Tenant admin
getPermission
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/permissions https://api.quasr.io/scopes/account/permissions/get
Account
listPermissions
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/permissions https://api.quasr.io/scopes/admin/permissions/list
Tenant admin
listPermissions
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/permissions https://api.quasr.io/scopes/account/permissions/list
Account
getRule
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/rules https://api.quasr.io/scopes/admin/rules/get
Tenant admin
listRules
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/rules https://api.quasr.io/scopes/admin/rules/list
Tenant admin
getSource
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/sources https://api.quasr.io/scopes/admin/sources/get
Tenant admin
listSources
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/sources https://api.quasr.io/scopes/admin/sources/list
Tenant admin
getLink
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/links https://api.quasr.io/scopes/admin/links/get
Tenant admin
getLink
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/links https://api.quasr.io/scopes/account/links/get
Account
listLinks
https://api.quasr.io/scopes/admin https://api.quasr.io/scopes/admin/links https://api.quasr.io/scopes/admin/links/list
Tenant admin
listLinks
https://api.quasr.io/scopes/account https://api.quasr.io/scopes/account/links https://api.quasr.io/scopes/account/links/list
Account
The GraphQL API has a limit of 2000 request tokens per second. As your requests could consume one or more tokens per request it's hard to estimate the expected max RPS but if we'd assume an average of 2 tokens per request it means the API should be able to support ~1000 RPS. The burst limit is 40 requests.
If you exceed 300 requests in 5 min from a single IP address it will be temporarily blocked until you reduce your rate (this can sometimes take a couple minutes). This limitation can be relevant for large shared networks or back-end integrations that operate via fixed IP.
We block IPs that are listed as either malicious or actively engaged in reconnaissance or DDOS activities (AWS IP reputation list).
Postman collection here:
The Management API requires an access token (JWT) with scope https://api.quasr.io/scopes/admin or https://api.quasr.io/scopes/account (then limited to own resources only) in the Authorization header. You can either use your own personal access token or create a dedicated for it, if you prefer.
