Why are there custom headers in hasura graphQL endpoint ? Is there any specific reason for its existence ?
I have created two custom headers and tried to access the endpoint from post I was still able to access the endpoint without mentioning the custom headers which I created. so what is the point of having it?
Got an Answer from the Hasura Team,
Optional custom headers are very useful in authentication and authorization.
For example, if you want to pass session variables as headers, so you can pass header with name x-hasura-* where * would be any string to its corresponding value. Hasura graphql engine will only accept headers which start with x-hasura-* .
You can check more about session variables here - https://hasura.io/docs/latest/auth/authorization/roles-variables/#session-variables