Direct GraphQL access is available for advanced use cases. It exposes the full internal data model and is more flexible than the REST API, but it is not covered by backwards-compatibility guarantees — queries and mutations may change between releases without notice. It is best suited for ad-hoc exploration, internal tooling, or scenarios where you control the upgrade cycle of both the client and the Phonemos instance.
Authentication
Like the REST API, GraphQL requires a Bearer token. In addition, Hasura requires the x-hasura-role header to be set explicitly — without it, the request will be rejected. Set it to the role appropriate for your operation. Typical values are viewer (read access) and editor (write access); manager and restorer are available for elevated operations. The role must be one your user account actually holds.
1
2
Authorization: Bearer <token>
x-hasura-role: viewerDiscovering queries
A practical way to explore the API is to use your browser’s developer tools while using the Phonemos UI. Open the Network tab, filter by XHR/Fetch, and observe the GraphQL requests the frontend sends — these show exactly which queries and mutations are valid, along with their variables and responses.
Further reading
GraphQL documentation — introduction to the GraphQL query language
Hasura documentation — details on Hasura’s GraphQL engine, including filtering, pagination, and subscriptions