mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-16 18:42:30 +03:00
f83a8e591f
Rename the admin secret key header used to access GraphQL engine from X-Hasura-Access-Key to X-Hasura-Admin-Secret. Server CLI and console all support the older flag but marks it as deprecated.
24 lines
787 B
ReStructuredText
24 lines
787 B
ReStructuredText
Securing the GraphQL endpoint
|
|
=============================
|
|
|
|
.. contents:: Table of contents
|
|
:backlinks: none
|
|
:depth: 1
|
|
:local:
|
|
|
|
To make sure that your GraphQL endpoint and the Hasura console are not publicly accessible, you need to
|
|
configure an admin secret key.
|
|
|
|
Depending on your deployment method, follow one of these guides to configure an admin secret key, and prevent public
|
|
access to your GraphQL endpoint and the Hasura console:
|
|
|
|
- :doc:`For Heroku <heroku/securing-graphql-endpoint>`
|
|
- :doc:`For Docker <docker/securing-graphql-endpoint>`
|
|
- :doc:`For Kubernetes <kubernetes/securing-graphql-endpoint>`
|
|
|
|
.. note::
|
|
|
|
If you're looking at adding access control rules for your data to your GraphQL API then head
|
|
to :doc:`Authentication / access control <../auth/index>`.
|
|
|