Stats
Actions
Tags
From Pipefy
Calls the Pipefy GraphQL API directly using curl or httpx when MCP tools and introspection both fail (Tier 3 fallback). Authenticates via OAuth2 or PAT.
How this skill is triggered — by the user, by Claude, or both
Slash command
/pipefy:pipefy-api-fallbackThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
This skill activates only after Tiers 1 and 2 have failed. Call the Pipefy GraphQL API directly, bypassing the MCP server.
This skill activates only after Tiers 1 and 2 have failed. Call the Pipefy GraphQL API directly, bypassing the MCP server.
| Tier | Method | When |
|---|---|---|
| 1 | Dedicated MCP tool (create_card, update_pipe, etc.) | Always try first. |
| 2 | Introspection + execute_graphql | When no dedicated tool exists or a tool fails unexpectedly. See skills/introspection/pipefy-introspection/SKILL.md. |
| 3 | Direct HTTP via curl / httpx (this skill) | When the MCP server itself is unavailable, or execute_graphql fails with an infrastructure error. |
Do not jump to Tier 3 after a single tool failure. Follow the tiers in order.
Two options (use whichever is available in the environment). Prefer the Service Account when both exist.
Option A — OAuth2 Client Credentials (preferred):
TOKEN=$(curl -s -X POST https://app.pipefy.com/oauth/token \
-H "Content-Type: application/json" \
-d "{\"grant_type\":\"client_credentials\",\"client_id\":\"$PIPEFY_SERVICE_ACCOUNT_CLIENT_ID\",\"client_secret\":\"$PIPEFY_SERVICE_ACCOUNT_CLIENT_SECRET\"}" \
| python3 -c "import sys,json; print(json.load(sys.stdin)['access_token'])")
Option B — Personal Access Token (PAT):
TOKEN="$PIPEFY_PAT" # or $PIPEFY_TOKEN
PATs are deprecated for new integrations but may still exist in the environment.
Bearer prefix is mandatory — Pipefy rejects requests without it.PIPEFY_SERVICE_ACCOUNT_CLIENT_ID, PIPEFY_SERVICE_ACCOUNT_CLIENT_SECRET, PIPEFY_PAT, or PIPEFY_TOKEN in responses to the user or in logs.| Purpose | URL |
|---|---|
| All queries and mutations | https://api.pipefy.com/graphql |
| Schema introspection only | https://app.pipefy.com/graphql |
| OAuth2 token | https://app.pipefy.com/oauth/token |
Real operations go to api.pipefy.com; introspection goes to app.pipefy.com. The MCP server and CLI route between the two automatically (both derived from PIPEFY_BASE_URL); raw-API users must distinguish them by hand.
curl -s -X POST https://api.pipefy.com/graphql \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"query": "{ me { id name } }"}' | jq .
curl -s -X POST https://api.pipefy.com/graphql \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"query": "mutation CreateCard($input: CreateCardInput!) { createCard(input: $input) { card { id } } }",
"variables": {
"input": {
"pipe_id": 67890,
"title": "Fallback Card"
}
}
}' | jq .
| Situation | Use |
|---|---|
| MCP server running normally | MCP tools (Tier 1 or 2) |
| MCP server down / unreachable | Direct API (Tier 3) |
execute_graphql returns 500 error | Direct API (Tier 3) |
| Testing a new mutation before MCP tool exists | execute_graphql (Tier 2) — not direct API |
When you need to discover schema without MCP tools, call app.pipefy.com/graphql:
# All queries and mutations
curl -s -X POST https://app.pipefy.com/graphql \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"query":"{ __schema { queryType { fields { name description } } mutationType { fields { name description } } } }"}'
# Type details
curl -s -X POST https://app.pipefy.com/graphql \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"query":"{ __type(name: \"CreateCardInput\") { inputFields { name description type { name kind ofType { name kind } } } } }"}'
GraphQL always returns HTTP 200, even on errors. Check the errors array, not the HTTP status code.
| Code | Likely cause | Recovery |
|---|---|---|
| UNAUTHORIZED | Token missing, expired, or Bearer omitted | Re-fetch token (Option A) or fix the header. |
| PERMISSION_DENIED | Service Account not a member of this pipe/table | Add SA via invite_members or ask user. |
| resource_not_found | ID does not exist or SA cannot see it | Verify ID; check pipe/table membership. |
| invalid_input | Wrong argument name or type | Run introspect_type (Tier 2) to recheck the input shape. |
| INTERNAL_SERVER_ERROR | API bug or unsupported payload | Do NOT retry the same payload. Try an alternative mutation or workaround. |
| missingRequiredInputObjectAttribute | A required field is missing from the input | Compare the payload against __type(name: …InputType). |
create_card via automationcreateAutomation with action: create_card + field_map — returns INTERNAL_SERVER_ERROR (confirmed API bug).createCard with the throughConnectors parameter. Prerequisite: a connector field with canCreateNewConnected: true must exist.organization { pipes { ... } } returns [] but pipesCount > 0, the Service Account is not a member of those pipes.pipe(id: "...") directly.invite_members accepts unknown emails silentlyuser_id for typo addresses without rejecting the invite. Sanity-check email syntax before calling.Search for the exact error message + "Pipefy GraphQL", or the mutation name + "example Pipefy API".
Only after all 3 tiers and external resources have failed:
data key and errors is null or absent.Bearer prefix omitted. Re-fetch the OAuth token (Option A).INTERNAL_SERVER_ERROR in errors array — do NOT retry the same payload; pick a different mutation path.PIPEFY_TOKEN / PIPEFY_PAT only for personal/development use; use service-account credentials (PIPEFY_SERVICE_ACCOUNT_CLIENT_ID + PIPEFY_SERVICE_ACCOUNT_CLIENT_SECRET) for service accounts.execute_graphql and introspection tools through the MCP server before falling back to direct HTTP.npx claudepluginhub pipefy/ai-toolkit --plugin pipefyDiscovers GraphQL type shapes, mutation signatures, enum values, and executes arbitrary GraphQL queries as a fallback when dedicated MCP tools fail.
Provides GraphQL API patterns for SuperOps.ai: Bearer token auth, query/mutation building, cursor pagination, rate limiting, and error handling.
Automates Grafbase operations via Composio's Grafbase toolkit through Rube MCP. Discovers tools, manages connections, and executes workflows.