This article is for Flatfile's Portal 2.0, Portal 3.0, and Workspaces. If you'd like to check out the latest version of the Flatfile Data Exchange Platform, click here!
API Access Keys are long lived and do not expire unless manually deactivated in the dashboard. Therefore, it is good form to exchange them for short lived Auth Tokens which have a configurable expiration time. You can learn how to exchange an API Access Key ID and API Access Key Secret for an Auth Token using our REST API here.
Use the resulting Auth token as a HTTP header when sending the GraphQL mutation request:
`Authorization: Bearer <auth token>`