How to set different security level for introspection _service data type

[hrdoujak]

DGS framework implements resolvers for enhanced introspection query for _service type, which is needed by Apollo federation gateway: https://www.apollographql.com/docs/federation/subgraph-spec/#enhanced-introspection-with-query_service

For example:

{
  _service {
    sdl
  }
}

Is possible set special security level for this query? I would like to allow unsecured requests for this enhanced introspection query and OAuth for any other request to /graphql endpoint.

I was looking for place/class where introspection resolvers is implemented to get some next hints, but unfortunatelly I did not find it.

Next solution can be use two endpoints; /graphql for all requests except introspection and /introspection just for introspection and than set security on endpoint level. Is that possible?

Thank you for any help.
Jakub Hrdoun

[srinivasankavitha]

There is a property : dgs.graphql.introspection.enabled https://netflix.github.io/dgs/configuration/#core-properties You can turn this off for your service or use spring properties to control which environment you want to turn it on/off for. Hope that helps.

…

On Mon, Sep 4, 2023 at 5:30 AM Jakub Hrdoun ***@***.***> wrote: DGS framework implements resolvers for enhanced introspection query for _service type, which is needed by Apollo federation gateway: https://www.apollographql.com/docs/federation/subgraph-spec/#enhanced-introspection-with-query_service For example: { _service { sdl } } Is possible set special security level for this query? I would like to allow unsecured requests for this enhanced introspection query and OAuth for any other request to /graphql endpoint. I was looking for place/class where introspection resolvers is implemented to get some next hints, but unfortunatelly I did not find it. Next solution can be use two endpoints; /graphql for all requests except introspection and /introspection just for introspection and than set security on endpoint level. Is that possible? Thank you for any help. Jakub Hrdoun — Reply to this email directly, view it on GitHub <#1625>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AJ5JPXK5SAKIDZF5ENARD23XYXCVRANCNFSM6AAAAAA4KLGWX4> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>