How do you test out Hasura authorization?
If I disable x-hasura-admin-secret in the Dashboard, and add Authorization: Bearer a_jwt_encoded_with_a_HASURA_GRAPHQL_JWT_SECRET_and_the_hasura_custom_claims
Then I keep getting these toast notifications:
Schema introspection query failed
x-hasura-admin-secret/x-hasura-access-key required, but not found
What am I missing? How can I test my permissions and such from within the Hasura GraphiQL explorer?
My HASURA_GRAPHQL_JWT_SECRET might be in the wrong place. I set it in Heroku (per how you used to have to do it).
I've updated the HASURA_GRAPHQL_JWT_SECRET to be defined in the Hasura project console's env vars, and have updated it to
{
"key": "01234567890123456789012345678912",
"type": "HS256"
}
But when I generate a JWT from that config and try it, it throws the same toast notifications...
In my experience the easiest way to test permissions is to leave the admin secret in place and then just set the relevant headers.
Generally you just add additional headers for x-hasura-role and x-hasura-user-id and any other session variables that are relevant for your app.
In the screenshot below you can see that I've explicitly set these values. Any query that you run will be evaluated based on the permissions associated with the role (in my case its organization-admin)
This is especially useful if you want to be able to use the Analyze functionality to do query profiles that take permissions into account.
- Spring Boot Starter GraphQL LazyInitializationException
- How to know which fields were requested in a GraphQL query?
- How to get requested fields inside GraphQL resolver?
- Hasura native SQL Query with parameters
- GraphQL Query syntax error
- requiredDeploymentEnvironments is not getting selected using graphql
- unordered list in contentful-rich-text rendering as P tags
- Unable to pass valid graphQL request body inside data dog API test
- Apollo Client Caching Issue with fetchPolicy: 'no-cache' in Next.js Server Component
- AWS AppSync Mutation not Updating Data - What Could be the Issue?
- Export a GraphQL collection in Postman
- Error: Expected undefined to be a GraphQL schema
- GraphQL joining subgraphs
- I need a query like this in graphql but I can't figure out how to do it
- Nexus & GraphQL: Root typing path for the type "context" does not exist
- Jest has detected the following 1 open handle potentially keeping Jest from exiting: TCPSERVERWRAP
- The App\Security\LoginFormAuthenticator::getUser() method must return a UserInterface. You returned Softonic\GraphQL\Response
- Shopify API productTaxonomyNodeId error when using productCreate in Node.js GraphQL
- Apollo GraphQL merge cached data
- How to import gql to create typedefs in apollo server v4?
- Possible to return ACF fields from Post Object or Relationship type?
- Is there a way for graphql-ruby to return multiple fields on a query?
- unable to use the GraphQL router for MuleSoft components
- apollo-angular - hangs on `pending` status with network call
- Passing Multiple Arguments to GraphQL Query
- The LINQ expression OrderBy DateTimeOffset.DateTime could not be translated
- Apollo Client: retrieving the results from a query with errors
- Ballerina debugger starts only one server in my ballerina project
- NestJs GraphQL playground access
- Using multiple endpoints in Apollo Client