-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Q: How to do both Authentication & Authorization in Playground? #14
Comments
Hey @Dev-Dipesh
For a production environment, you probably need to use a VPC (e.g, whitelisting your GraphQL API to your container). But even if accessed directly, http://localhost:4466/app/dev should not return any schema as there's no Authorization header.
Do you have a repository reproduction for this one? You actually don't need to use the |
I have deployed the Prisma server locally in Docker with managementApiSecret and also defined it in prisma.yml. Now, there are two issues I'm facing.
Prisma server link
http://localhost:4466
from Docker is accessible without setting any header. How can I secure that?When Graphql Shield is disabled I can query documents on
http://localhost:1337
by setting the Authorization header, obtained by using the commandprisma token
. The problem appears when I enable Graphql Shield. After this for any and all requests I'm getting:even for the resolvers that are marked as allow.
docker-compose.yml
prisma.yml
.env
permissions/index.ts
Thanks for your help 🙏
The text was updated successfully, but these errors were encountered: