Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Contact Us
  • Home
  • System

API Calls Using Third Party Applications: Personal Access Tokens

Written by Mitchell Ivany

Updated at March 14th, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Our Products & Services
  • Getting Started
    First Time Setup Baseline Configuration
  • Accounts
  • Communication
  • Billing
  • Companies
  • Financial
  • Integrations
  • Inventory
  • Jobs
  • ​Mapping
  • Misc.
  • Monitoring
  • Purchase Orders
  • Release Notes
  • Sonar Billing
  • Voice
  • Reporting
  • Security
  • sonarPay
  • Ticketing
  • Working With the Sonar Team & Additional Resources
    Sonar's Security Practices & Certifications
  • System
  • Networking
+ More

Table of Contents

GraphQL from CLI Using Postman

When creating an integration that will access Sonar through the API, the first step is to create a personal access token in your Sonar instance for that integration to use. The following article details the steps in creating a personal access token.

  1. Create an appropriate role and a user that you will use to perform the queries or mutations.
Typically, it is best to create an individual role that offers the bare minimum permissions required to make the integration work properly. This way, if the user or token is ever compromised, the exposure is as limited as possible.
 
  1. Log in as that user.
  2. Click the Avatar on the top-right (first letter of your username by default).
  1. Select the Personal Access Tokens tab to navigate to the management page, then click on Create Personal Access Token.
  2. Name your access token. It is best practice to name this as a device, vendor, or server that will be integrating with Sonar.
Your token will only be available after this form is submitted, and afterward will be hidden for security purposes. Please make sure to copy it somewhere safe.
 

Once you have copied the token, you will then need to click "Confirm" - after these steps have been completed, the token will appear in the Personal Access Tokens section as shown below.

GraphQL from CLI

Below is an example of running GraphQL query from the command line via curl. It is the most basic possible example of querying GraphQL outside of using https://instance.sonar.software/graphiql.

It should be run from bash or *nix because of the singe quotes. If you’re a Windows user, be sure to set up WSL for running Ubuntu in a container.

Replace <token> with an actual token that you got from following the instructions above
 
curl -X POST \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{"query": "{ me { name username } }"}' \
https://instance.sonar.software/api/graphql

Using Postman

You can also connect to your Sonar instance using the Personal Access Token by using an application such as Postman. In this case, you would provide the Personal Access Token as Authorization Type / Bearer Token

 

nameless piece unnamed text

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • How to: Using Webhooks in Sonar
  • Using Sonar DataConnect to Connect BI Applications with Your Sonar Instance
  • sonarPay: Token Migration Process
Expand