Hipex Pack API

The hipex pack api is based on GraphQL. For information on the basics of graphQL please refer to http://graphql.org/learn/.


For almost all calls you need to logged in to be able to do anything. The login call will respond with "Authorization" header. This header is required on all subsequent calls. Some calls after the login call will send you a new "Authorization" header. This new header should then be used for new calls.

You can find a simple API explorer on https://service.hipex.io/hipex-pack-api/graphiql. This explorer implemented the above login feature for you as following:

function graphQLFetcher(graphQLParams) {
    return fetch(serverUri, {
        method: 'post',
        headers: {
            'Accept': 'application/json',
            'Content-Type': 'application/json',
            'Authorization': localStorage.getItem('authorization'),
            'X-Requested-With': 'XMLHttpRequest'
        body: JSON.stringify(graphQLParams),
        credentials: 'include',
    }).then(function (response) {
        var headers = response.headers;
        if (headers.has('Authorization')) {
            localStorage.setItem('authorization', headers.get('Authorization'));
        return response.text();
    }).then(function (responseBody) {
        try {
            return JSON.parse(responseBody);
        } catch (error) {
            return responseBody;

A login is done using the Login mutation, this query could look like this.

mutation Login($username: String!, $password: String!){
  Login(username: $username, password: $password) {
      settings {


For fetching data without modifications a query is used. A query can always be run more then once without affecting anything.

Most queries entity queries are based on a general filter principle described in entity-query. Right now there are no queries not following this implementation. When there are queries that doe we will list them here.


For all data changes mutations are used, mutations should always be executed only once and always change the data in some way.

Some undocumented mutations can be found in the Api explorer docs tab. For all documented mutations see: