Skip to main content

Generating Access Token

To perform actions or queries using Tribe JavaScript client, you need to first generate an access token.

You can generate an access token using one of the following methods:

App Access Token#

If you want to perform actions on behalf of a bot account, or a specific member in your community you can use the App Access Token.

To do so, you need to first create an app and use the app's client ID and client secret.


Don't have an app yet? Follow the instructions here.

The rest is pretty simple:

import { TribeClient } from "@tribeplatform/gql-client"
const client = new TribeClient({
clientId: "{clientId}",
clientSecret: "{clientSecret}",
graphqlUrl: "",
networkId: "{networkId}",
memberId: "{memberId}",
}).then(async accessToken => {

You should replace {clientId}, {clientSecret}, {networkId}, and {memberId} with app's client ID, app's client secret, network/community ID, and the ID of the member that you want to impersonate.


Not providing memberId in generateToken will generate access token for a bot account.


Please note that you should only use the above method on the backend (Node.js) since we're usinge the client secret of our app. Using the above code on frontend will leak your secret and a third party will be able to generate tokens on behalf of your members.

Tribe Access Token#

In some cases, you may want to generate an access token based on your members username/email and password. An example is when you want to use Tribe member management as your main member management system and you want to create your own UI and login page that is connected to Tribe platform.

To do so, we need to first generate a guest access token using getTokens method and then log the member in using the auth.login method as followed:

Node.js or JavaScript
import { TribeClient } from "@tribeplatform/gql-client"
const client = new TribeClient({
graphqlUrl: "",
const getAccessToken = async (usernameOrEmail, password) => {
const guestTokens = await client.getTokens(
{ networkDomain: "{}" },
const { accessToken, refreshToken } = await client.auth.login(
input: { usernameOrEmail, password },
console.log({ accessToken, refreshToken })
getAccessToken("{usernameOrEmail}", "{password}")

You should replace {} with your community subdomain or custom domain. {usernameOrEmail} and {password} should be repalced by member's username/email and password.

Using the generated access token#

You can simply set the generated access token using client.setToken:

const spaces = client.spaces.list({ limit: 5 }).then(spaces => {
// The following line will log 5 spaces