GraphQL Apollo Sandbox Overview



The Apollo Sandbox allows the user to perform GraphQL queries and mutations on completed assessments, organization details, applications, and much more in NowSecure Platform to obtain detailed results. This environment is a useful supplemental tool to test your queries prior to combining them in a script, although it is not necessary to use with NowSecure Platform.

Apollo Sandbox offers valuable features such as: fields that can be added recursively; a dedicated Schema tab for directives, return types, arguments, etc.; depreciations are clearly grayed out; and input fields are auto populated.

For more detailed Findings queries, see our Platform Findings GraphQL API article.

Note: The Log in button at the top right of the Apollo Sandbox is for Apollo accounts only. This optional profile is unaffiliated with your NowSecure Platform account. Learn more about Creating an Apollo Account on the Apollo docs site.

To learn more about Apollo’s capabilities with no account required, see the official Apollo Sandbox documentation, or the Apollo Sandbox Overview video.

Legacy GraphQL Playground Access

NowSecure’s now deprecated Legacy GraphQL Playground- along with all queries- can still be accessed and utilized. Queries saved in the Legacy Playground can be utilized in the Apollo Sandbox. Although, the saved legacy queries will not be automatically visible in Apollo Sandbox. 

Please see our GraphQL API Queries article for more information on the Legacy Playground environment and queries.


You will first need a token for authentication. See the Creating an API Bearer Token article for more detailed instructions.

Within NowSecure Platform, select your Profile in the upper right > Tokens. Select Generate Token  Below examples uses token titled "GraphQL."



Note: This token is presented one time, so copy it and keep it safe. You can revoke it and create another, if needed. 

  1. Once your token has been copied, navigate to the GraphQL Apollo Sandbox GraphQL to the Headers tab in the Explorer editor view. You will see a “Schema Introspection Error” prior to authentication. Configure your access by selecting the following:
    {"Authorization": "Bearer"}

  2. Select + New Header

  3. In the header key input, select Authorization:image6.png
  4. Paste your Bearer {token} in the input field including Bearer before the token: image.png


Now that you have configured your authorization token you can start performing queries to gather the information of your choice. The main query writing section will attempt to auto-complete as much as possible of the query you are currently writing. 

Select the Schema graph at the top left to introspect the schema or head to the top left navigation bar with the search icon to look for any fields to query.


You can also use the CMD+K or CTRL+K shortcuts to search for a query field on a new tab in the Explorer view.



Article is closed for comments.