There is very little information on how to authenticate. In the example React app, you put the username admin/admin in the env file, which implies its using basic authentication. But if you try to use the corresponding header:
Only shows how to get tokens from the cloud env control panel, not your local install, which doesnt have a control panel.
we have been going round in circles trying to get graphql working for many days, anyone who can help it would be greatly appreciated.
Ideally, we want to remove the authentication requirements from our local author instances, but this is undocumented. In theory, the publish instance has this authentication removed, but getting local replication from author to publish has been equally difficult, and is a poor workaround.
The crux is, if there is no documented way for a graphGL client to call the grapgl endpoint, it is unusable. The react app will be using some form of authentication, but this is not helpful as we dont know what it is. There was an article about generating OATH2 credentials (client secret and client ID), but this only applies to AEM hosted cloud instances, not to local dev instances unfortunately.