Overview
The DiscountFlow GraphQL API provides programmatic access to PriceQuotation data — products, product categories, approval levels, and approval requests. All data is scoped to your tenant.
Endpoint: POST /graphql
Content-Type: application/json
Authentication
All requests require a Bearer token. API keys are managed by tenant owners in Settings > API.
Authorization: Bearer df_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Requests without a valid token receive a 401 Unauthorized response:
{
"errors": [
{
"message": "Unauthenticated."
}
]
}
Rate Limiting
Requests are rate-limited per API key. When the limit is exceeded, the API returns 429 Too Many Requests.
The current limit is 60 requests per minute (configurable by the platform).
Making Requests
Send a JSON body with a query field (and optional variables):
curl -X POST https://discountflow.io/graphql \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d '{"query": "{ ping }"}'
Objects
The sidebar groups the API by object. Each object has a Queries page and a Mutation page:
| Object | Description |
|---|---|
| Product | Individual products in your price list. |
| Product Category | Categories that group products and define shared pricing/custom fields. |
| Approval Level | The approval hierarchy and price thresholds used to route requests. |
| Approval Request | Discount approval requests and their line items. |
| Request Detail | Individual line items (opportunities) on an approval request. Not directly queryable/mutable — accessed as a nested field. |
Pagination
Paginated queries return a data array and a paginatorInfo object:
{
products(first: 10, page: 2) {
data {
id
partnumber
}
paginatorInfo {
currentPage
lastPage
perPage
total
count
hasMorePages
}
}
}
Error Handling
Errors follow the standard GraphQL error format:
{
"errors": [
{
"message": "Validation failed for the field [createProduct].",
"extensions": {
"validation": {
"input.partnumber": ["The input.partnumber field is required."]
}
}
}
]
}
| HTTP Status | Meaning |
|---|---|
200 | Success (check errors array for partial failures) |
401 | Invalid or missing API key |
429 | Rate limit exceeded |
Scalar Types
| Type | Format | Example |
|---|---|---|
DateTime | Y-m-d H:i:s | 2026-03-24 14:30:00 |
Date | Y-m-d | 2026-03-24 |
JSON | Arbitrary JSON | {"key": "value"} |
ID | ULID string (or integer for products) | 01JNQX... |