GraphQL Client
The GraphQL client provides typed queries and mutations to the Heimdall API.
graphqlRequest
Execute a GraphQL query or mutation, returning the full response including errors. The
first argument is always an ApiClientConfig — pass
getApiConfig() from @/lib/api.
import { getApiConfig, graphqlRequest } from "@/lib/api";
import type { GraphQLResponse } from "@/lib/api";
const response: GraphQLResponse<{ user: User }> = await graphqlRequest<{ user: User }>(
getApiConfig(),
query,
variables
);
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
config | ApiClientConfig | Yes | API client config (baseUrl, optional systemApiKey) — use getApiConfig() |
query | string | Yes | GraphQL query/mutation string |
variables | Record<string, unknown> | No | Query variables |
options | GraphQLRequestOptions | No | Request options |
Options
interface GraphQLRequestOptions {
/** OAuth access token for user context */
accessToken?: string;
/** Custom headers */
headers?: Record<string, string>;
/** Original User-Agent from the client browser (forwarded as X-Original-User-Agent) */
userAgent?: string;
/** Original IP address from the client (forwarded as X-Forwarded-For) */
clientIp?: string;
/** Source service making the request (e.g., "id", "backend"). Sent as X-Source-Service header. */
sourceService?: string;
/** User ID from the authenticated session (sent as X-User-Id for audit logging) */
userId?: string;
}
Response
interface GraphQLResponse<T> {
data?: T;
errors?: Array<{ message: string; path?: string[] }>;
}
Example
const query = `
query GetUser($id: ID!) {
user(id: $id) {
id
name
email
}
}
`;
const response = await graphqlRequest<{ user: User }>(getApiConfig(), query, { id: "123" });
if (response.errors) {
console.error("GraphQL errors:", response.errors);
return;
}
console.log("User:", response.data?.user);
gql
Helper function that extracts data or throws on errors. Useful when you want exceptions instead of error handling. Like graphqlRequest, its first argument is the ApiClientConfig.
import { getApiConfig, gql } from "@/lib/api";
const data = await gql<{ user: User }>(getApiConfig(), query, variables);
// Throws if errors occur
Parameters
Same as graphqlRequest (config first, then query, variables, options).
Returns
Returns T directly (the data from the response).
Throws
Errorif the response contains GraphQL errorsErrorif no data is returned
Examples
Query
const query = `
query GetUsers($limit: Int!) {
users(limit: $limit) {
id
name
}
}
`;
try {
const { users } = await gql<{ users: User[] }>(getApiConfig(), query, { limit: 10 });
console.log("Users:", users);
} catch (error) {
console.error("Query failed:", error.message);
}
Mutation
const mutation = `
mutation UpdateUser($id: ID!, $name: String!) {
updateUser(id: $id, name: $name) {
id
name
}
}
`;
try {
const { updateUser } = await gql<{ updateUser: User }>(getApiConfig(), mutation, {
id: "123",
name: "New Name",
});
console.log("Updated user:", updateUser);
} catch (error) {
console.error("Mutation failed:", error.message);
}
With Access Token
const { user } = await gql<{ user: User }>(
getApiConfig(),
query,
{ id: "123" },
{ accessToken: session.accessToken }
);
Authentication Priority
accessTokenoption (if provided)config.systemApiKey(the app populates this fromSYSTEM_API_KEYviagetApiConfig())- No authentication
// Falls back to config.systemApiKey
const response = await graphqlRequest(getApiConfig(), query, variables);
// Uses provided access token
const response = await graphqlRequest(getApiConfig(), query, variables, {
accessToken: userToken,
});
Error Handling
With graphqlRequest
const response = await graphqlRequest<{ user: User }>(getApiConfig(), query, variables);
if (response.errors) {
for (const error of response.errors) {
console.error(`Error at ${error.path?.join(".")}: ${error.message}`);
}
return;
}
// Safe to use response.data
console.log(response.data?.user);
With gql
try {
const data = await gql<{ user: User }>(getApiConfig(), query, variables);
console.log(data.user);
} catch (error) {
// Handle the first error message
console.error(error.message);
}
Client Info & Audit Logging
extractClientInfo
Extract client information from a Next.js request for audit logging.
import { getApiConfig, extractClientInfo } from "@/lib/api";
import { NextRequest } from "next/server";
export async function POST(request: NextRequest) {
const clientInfo = extractClientInfo(request);
// { userAgent: "...", clientIp: "..." }
const data = await gql<{ result: Result }>(
getApiConfig(),
mutation,
variables,
clientInfo // Passed as the options (4th) parameter
);
}
extractClientInfo takes no config — it only reads headers from the request.
ClientInfo Type
interface ClientInfo {
userAgent?: string;
clientIp?: string;
}
Source service
The library reads no SOURCE_SERVICE env var. To tag which application made the
request (for audit logging), pass sourceService in the request options — it is sent
as the X-Source-Service header:
const data = await gql<{ result: Result }>(
getApiConfig(),
mutation,
variables,
{ accessToken, sourceService: "id" } // "id" | "backend" | "policies" | "discord_bot" ...
);
Apps typically read their own SOURCE_SERVICE env in src/lib/config.ts (e.g.
getSourceService()) and forward the value here.
Complete API Route Example
import { NextRequest, NextResponse } from "next/server";
import { getServerSession } from "next-auth";
import { authOptions } from "@/lib/auth";
import { getApiConfig, gql, extractClientInfo } from "@/lib/api";
export async function POST(request: NextRequest) {
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const body = await request.json();
const clientInfo = extractClientInfo(request);
const data = await gql<{ updateProfile: User }>(
getApiConfig(),
`mutation UpdateProfile($input: UpdateProfileInput!) {
updateProfile(input: $input) {
id
name
}
}`,
{ input: { userId: session.user.id, ...body } },
{ accessToken: session.accessToken, ...clientInfo }
);
return NextResponse.json(data.updateProfile);
}
Common Patterns
Fetching with Loading State
function UserProfile({ userId }: { userId: string }) {
const [user, setUser] = useState<User | null>(null);
const [loading, setLoading] = useState(true);
const [error, setError] = useState<string | null>(null);
useEffect(() => {
async function fetchUser() {
try {
const { user } = await gql<{ user: User }>(
getApiConfig(),
`query { user(id: "${userId}") { id name email } }`
);
setUser(user);
} catch (e) {
setError(e.message);
} finally {
setLoading(false);
}
}
fetchUser();
}, [userId]);
if (loading) return <div>Loading...</div>;
if (error) return <div>Error: {error}</div>;
return <div>{user?.name}</div>;
}