mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-17 20:41:49 +03:00
8af24e9acc
https://github.com/hasura/graphql-engine-mono/pull/2105 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> GitOrigin-RevId: cd7cf61c1de0c6ba3e4b0c5fbc9f9943d17e2c0c
32 lines
1018 B
ReStructuredText
32 lines
1018 B
ReStructuredText
.. meta::
|
|
:description: Secure the Hasura GraphQL endpoint
|
|
:keywords: hasura, docs, deployment, secure
|
|
|
|
.. _securing_graphql_endpoint:
|
|
|
|
Securing the GraphQL endpoint
|
|
=============================
|
|
|
|
.. contents:: Table of contents
|
|
:backlinks: none
|
|
:depth: 1
|
|
:local:
|
|
|
|
To make sure that your GraphQL endpoint and the Hasura console are not publicly accessible, you need to
|
|
configure an admin secret key.
|
|
|
|
Depending on your deployment method, follow one of these guides to configure an admin secret key, and prevent public
|
|
access to your GraphQL endpoint and the Hasura console:
|
|
|
|
- Hasura Cloud projects have a randomly generated admin secret added by default at the time of creation.
|
|
- :ref:`For Heroku <heroku_secure>`
|
|
- :ref:`For Docker <docker_secure>`
|
|
- :ref:`For Kubernetes <kubernetes_secure>`
|
|
- :ref:`For Digital Ocean <digital_ocean_secure>`
|
|
|
|
.. note::
|
|
|
|
If you're looking at adding access control rules for your data to your GraphQL API then head
|
|
to :ref:`Authentication / access control <auth>`.
|
|
|