Skip to content
AM

customer360-api (GraphQL)

Customer 360 owns contacts, companies, segments, customer health, timeline activity, saved queries, and CX dashboard contracts.

Runtime

PropertyCurrent contract
Production API originhttps://cx-api.inblack.app
GraphQLPOST /graphql
GraphQL operations50: 28 queries and 22 mutations
HTTP registrations6 total; GraphQL and health are externally classified, while projection/identity routes remain internal or under source review

cx.inblack.app is the Customer 360 SPA origin, not the API origin.

Example

Terminal window
curl https://cx-api.inblack.app/graphql \
-H "Authorization: Bearer <token>" \
-H "X-Tenant-ID: <tenant-id>" \
-H "Content-Type: application/json" \
-d '{"query":"{ contacts(page: 1, perPage: 5) { items { id displayName email } total page perPage } }"}'

The schema’s contacts field is @authenticated. Health administration and other mutations carry their own role or permission directives. See the GraphQL operation reference for exact contracts.

Authorization

The GraphQL mount is wrapped by Portal authorization for product cx and module contacts. Tenant membership, entitlement, and field directives still apply. The internal identity/projection ingress is service-authenticated and is not an external customer API.

Agents default to CX MCP tools. A GraphQL operation’s presence does not imply that it is available in a tenant’s MCP catalog.