# AI Commerce Cloud GraphQL API

> Public GraphQL schema reference for AI Commerce Cloud integrations.

AI Commerce Cloud exposes one production GraphQL endpoint for ecommerce catalog, customer, order, quote, payment, and operational data.

## Core URLs

- Docs: https://docs.aicommerce.cloud/
- Production GraphQL endpoint: https://api.aicommerce.fi/graphql
- GraphQL SDL schema: https://docs.aicommerce.cloud/schema.graphql
- GraphQL introspection JSON: https://docs.aicommerce.cloud/graphql.schema.json
- OpenAPI transport descriptor: https://docs.aicommerce.cloud/openapi.json

## Authentication

Every production GraphQL request must be a POST with `Content-Type: application/json` and these headers:

- `X-GraphQL-Secret`: AI Commerce Cloud API access token issued during onboarding.
- `X-Tenant-ID`: tenant identifier issued during onboarding.
- `X-Tenant-Secret`: tenant-specific secret issued during onboarding.

Do not expose API secrets in browser-side code or public repositories.

## Minimal Request Shape

```json
{
  "query": "query Products($limit: Int, $offset: Int) { products(limit: $limit, offset: $offset) { id name price } }",
  "variables": { "limit": 5, "offset": 0 }
}
```

## Notes For Agents

- Prefer `schema.graphql` or `graphql.schema.json` for schema extraction.
- Use `openapi.json` only as an HTTP transport descriptor; operation-level GraphQL fields live in the GraphQL schema.
- Resolve tenant-specific lookup values dynamically through documented queries instead of hardcoding ids.