Monday API SDK Not Authenticated or Graphql validation errors

I just started the quickstart guide and wanted to start querying right away, but instantly hit a wall with GraphQL. BTW I love graphql and use it for my own projects and was excited to see that graphql querying and mutations are allowed.

When running

monday.api(`query { users { id, name } }`).then((res) => {console.log(res)})

I get: Error: Graphql validation errors

It said I didn’t need a token but I tried a token anyway
I’ve tried monday.setToken('apiKey')
and I get errors: ["Not Authenticated"]
I also tried monday.api(query, {token: "apiKey"}).then((res) => console.log(res))
and I get the same error: errors: ["Not Authenticated"]

I tested my token in and it works great. I can query just fine.

Note: I haven’t added any code to the quickstart guide at all except for converting class to react-hooks and then adding the query in a useEffect.

Hope someone can help with me with this issue.
Thank you in advance.

1 Like

Hi there @pepperaddict :wave:

Great user name, I love spicy food too :slight_smile: Thanks for reaching out to us with this.

To be transparent with you, it looks like you are not sending the API request to us correctly. From my understanding (and I’m afraid I could be wrong on this as well), you will need to send your whole API request to us towards “” as a POST request in JSON string, as seen here in the quickstart:

Structuring your API requests

There are a few things to keep in mind when you’re building your first API call:

  • Request Structure: all requests to the API must be POST requests. Queries must conform to our GraphQL schema
  • Authentication: all requests to the API should include an authentication token in the request header. Learn how to get your API key here.
  • Request Body: all requests to the API should have a JSON-formatted body. The only exception is file uploads, which should be multipart requests.

Do you think this could be causing the issue you are having? Since the Query works correctly in the test try-it-yourself environment, it seems like the code is correct to me. Does that make sense?


1 Like

Hi @AlexSavchuk!

Thank you so much for getting back to me and helping me with this issue. And also :hot_pepper: :hot_pepper: mmm

I was able to get the query to work with a post fetch request:

    fetch('', {
      method: "POST",
      body:JSON.stringify({query: "{users {id, name}}"}),
      headers: {
        "Content-Type": "application/json",
        "Authorization": "apiKey"
    }).then((res) => res.json()).then((response) => console.log(response)).catch((err) => console.log(err))

Success! Everything’s working great. Thank you @AlexSavchuk ! Now I’m able to move forward.

Though I do want to loop back around to my original problem using the SDK. I might have posted this problem on the wrong forum.

Here’s the SDK info:
In monday.api() it says:

`monday.api` Performing queries against the API on behalf of the connected user

I was able to use monday.get() with no issue, but monday.api()is where my initial problem is from. It would be nice to use monday’s SDK for this GraphQL requests rather than a fetch request since I have the SDK installed in the quick start guide: for Views & Widgets

My main issue is the apiKey/token. Using the token will only give data for my platform. If this app is shared, it would be nice to give info to other user’s platform.

I’ve tried monday.api() with React Hooks and React Components and I still get the same errors as the one above.

Thank you for helping and at least now I can use the data and get started. But I believe I need this working with the SDK rather than a post request.

1 Like

Hi @pepperaddict

What I understand is that you wan to be able share your app with other accounts. In that case you need to ask the user in the other account to authorize your app. In your app enable OAuth authorization and specify an endpoint in your backend. within this endpoint you need to:

You probably want to store the token to prevent asking authorization over and over. In my case I store them in a backend database with an accountid / userid key pair.


Hey @basdebruin!

Thank you! This may be what I need if I have to stick with post requests for querying.

I am still wondering why monday’s SDK monday.api() isn’t working for me. I thought it was going to be great since I wouldn’t have to deal with callbacks to a server, redirects and storing.
It does state right here in the SDK:

Seamless authentication

When used for client-side development, SDK methods that require to act on behalf of the connected user will work out-of-the-box by communicating with the parent running application. You’re not required to initialize the SDK client with any explicit credentials.

Methods that use seamless authentication (including monday.api and ) offer capabilities that are scoped based on the permissions of the logged in user and the scopes you have configured in your app.

I hope I can get some help to get monday.api() working correctly, otherwise I’ll have to use the post request way with authentication and callbacks which I hope I don’t have to. I appreciate you taking the time in helping me and this tip will definitely help if I can’t get monday.api() to work.

Hi @pepperaddict

I am not sure what you are trying to achieve. You are building a monday app, right? Do you want to build (dash)board view or an integration? My experience is more on the integration part and monday.api sure needs a token there and you have to do intiMondayClient, see snippet

static async getBoardColumns(token, boardId) {
try {
const mondayClient = initMondayClient();
const query = query($boardId: [Int]) {boards (ids: $boardId) {columns { id title } } };
const variables = { boardId };
const response = await mondayClient.api(query, { variables });
} catch (err) {

In this scenario the and other are not working as this is all server based. The backend runs on a (dedicated or ngrok’d) server and is not aware of the monday’s user context.

What I understand from (dash)board views is that they don’t need authorization as they live in an iframe within monday itself. Does that make sense?


Hey @basdebruin!

Thank you for getting back to me and helping me with this issue.

(dash)board views/widgets does seem like an iframe thing. I have experience developing Atlassian plugins and it seems to work the same way.
When connected to Monday, the API works which is expected. I can use monday.get() with no issues. However, my problem is that monday.api() isn’t working for me which is where I’m stuck. Without my token I get validation error, with token I get not authenticated.

As for Monday’s app development, I literally started a few days ago so I’m not sure what mondayClient is yet. You may need to step back to level beginner which is where I’m at haha.
I got started with tutorial and everything is working great, but couldn’t get monday.api() to work following these directions:

I created a repository real fast to show where I’m stuck.

As you can see it’s literally a fresh app and I’m at the start. It’s just a create react app so feel free to ngrok it yourself for a widget setup if you would like to see the error (if you get the same error). If you do go that route, i created an env file with API2 with the token and the widget has a background color field.

The solutions given feels more like a workaround which I can definitely resort to, but I would like to get the SDK monday.api() working to save time.

Thank you and I appreciate having someone help me with this issue.

Hi @pepperaddict

I am afraid I am as new as you are when it comes to widget and views. From the developers webinairs I understand the view is really rendered in an iframe within the board or dashboard.

When you are in you monday developer environment can you click on “API background” and enter your GraphQL query there? That should give you a good indication what is happening. Just try query {users {name}} in the API playground.

Hey @basdebruin

Thanks for getting back to me!

The API playground works great inside my environment and I’m able to query just fine. I also went to to check if my token is valid and I’m able to get in and query just fine.

The code
monday.api('query { users { name } }').then(res => console.log(res))
is basically just a copy and paste from the SDK guide hoping it would work but no luck. :frowning_face:
With the whole rules and copying and pasting the query, I’m not sure how I was supposed to write it.

The strange thing is that I haven’t found anyone with this issue. So knowing myself I may have left out a step or messed something up or the dev gods have doomed me and I’m not allowed to have an out of the box success.
I’ve tried searching around and I haven’t found anybody else with the same issue except for the newToken issue that I had earlier: Having trouble using monday.setToken within the Apps SDK but now my problem isn’t consistent. I’m no longer getting not authenticated when I enter a token and now I’m just getting Graphql validation error in every monday.ap() execution token or not.

Anyway, this is a total head scratcher for me. It’s only that command that doesn’t work. The rest of the SDK doesn’t seem to have any issue.

Once again thanks for trying to help me resolve this. In the meantime I’m using the data from the standard post request to work on my front-end.


I decided to try a different query for the hell of it

monday.api('query { me { id, name } }').then(res => console.log(res))
This works!!! Yay!


monday.api('query { users { name } }').then(res => console.log(res))

doesn’t work but works in playground I get:

  "data": {
    "users": [
        "name": "Yenith LianTyHao"
        "name": "Pepper Addict"
  "account_id": //id

Ack… Unfortunately the thing I want is the query that isn’t working. haha

interesting… the only thing I can think of is the token itself. Who os it issued for. Remember monday tokens are personal, so if this token if issued to somebody that does not have necessary rights the query will fail. I understand you already tried the token on so I am kind of lost here.

I suggest to use the monday support team for this one.

1 Like

Thank you @basdebruin for sticking around to help me with this issue.

You may be right, it could be a token issue. I’ve regenerated my token and I still get the same problem.
I noticed that any query request that results in a list has this graphql validation error in Monday.api() so it’s not just a problem with the users query.

Anyway, this may be a problem with my token not allowed to access certain information or there is something wrong with the Monday.api() and lists. I have to wait till Monday for Monday to take a look at this. haha

The following works for me

this.monday.api(query, {options: { token: <your token> }})

Hi @stackpond

Thanks, but no luck. Out of curiosity, what is your query? Are you attempting the same one as me? The me type query works no problem for me, but queries that result in a list I get the error.

monday.api(`query { users { id, name } }`, {options: {token: apiKey}}).then((res) => {

This is the error I’m getting:

It would be nice to have someone else attempt the same query as I am and see if they’re getting data.

1 Like

Hope the scopes are correctly set in your case. For you I think only users:read scope need to be enabled.

Let me know how you go.



Yep, that was it! Thank you thank you!

Hey @stackpond and @basdebruin - you guys are amazing! Thank you so much for jumping in and helping out here, this is the stuff that will the community an awesome place for all developers :slight_smile:

@pepperaddict I’m glad I was able to help with the POST request, at least :D. Stay spicy!


1 Like