Welcome to the Postman Community! 
Currently, there are a few areas with GraphQL which don’t function the same as the HTTP calls. The console logging of the network messages and having these GraphQL requests inside a HTTP based Collection.
With that in mind, if you have tested a HTTP + GraphQL based solution and that’s working for you - I would go with that and bring in that Auth call in the same Collection. This is also going to be currently the only way to run those GraphQL calls in a pipeline with Newman or the Postman CLI.
I’ve never used Octopus so I couldn’t tell you if that works but if it follows the same workflows as other similar tools, it should work.