2018-09-11 14:11:24 +03:00
|
|
|
Securing the GraphQL endpoint
|
|
|
|
|
=============================
|
|
|
|
|
|
2018-12-03 15:12:24 +03:00
|
|
|
.. contents:: Table of contents
|
|
|
|
|
:backlinks: none
|
|
|
|
|
:depth: 1
|
|
|
|
|
:local:
|
|
|
|
|
|
2018-09-11 14:11:24 +03:00
|
|
|
To make sure that your GraphQL endpoint and the Hasura console are not publicly accessible, you need to
|
2019-02-14 12:37:47 +03:00
|
|
|
configure an admin secret key.
|
2018-09-11 14:11:24 +03:00
|
|
|
|
2019-02-14 12:37:47 +03:00
|
|
|
Depending on your deployment method, follow one of these guides to configure an admin secret key, and prevent public
|
2018-09-11 14:11:24 +03:00
|
|
|
access to your GraphQL endpoint and the Hasura console:
|
|
|
|
|
|
|
|
|
|
- :doc:`For Heroku <heroku/securing-graphql-endpoint>`
|
|
|
|
|
- :doc:`For Docker <docker/securing-graphql-endpoint>`
|
|
|
|
|
- :doc:`For Kubernetes <kubernetes/securing-graphql-endpoint>`
|
|
|
|
|
|
|
|
|
|
.. note::
|
|
|
|
|
|
2019-02-06 09:39:36 +03:00
|
|
|
If you're looking at adding access control rules for your data to your GraphQL API then head
|
2018-09-11 14:11:24 +03:00
|
|
|
to :doc:`Authentication / access control <../auth/index>`.
|
|
|
|
|
|
