Public API · GraphQL
Authentication
Server-to-server and embed-scoped calls carry a Bearer token.
Bearer token
Send Authorization: Bearer <jwt> for server-to-server flows, e2e tests, and embed-scoped sign-ins.
bash
curl https://go.sessions.website/api/graphql \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <your-jwt>' \
--data '{"query":"{ me { user { id } } }"}'MCP (AI assistants)
AI assistants call the public surface over the Model Context Protocol instead of raw GraphQL — discovery is anonymous, and viewer tools reuse the same Bearer JWT or an OAuth token scoped mcp:account. See the public MCP guide