Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
How to use Graphiql when /graphql protected by JWT token (authorization header)
See original GitHub issueMy /graphql route is protected by JWT token, so every HTTP request needs to set:
headers: {
Authorization: 'Bearer ' + token
}
To get through the authentication middleware and hit /graphql.
How to manage this authentication step when using graphiql ? graphiql is so convenient, it’s a pity to not use it 😦 thanks for any suggestion!
Issue Analytics
- State:
- Created 8 years ago
- Reactions:203
- Comments:87 (32 by maintainers)
Top Results From Across the Web
how to use graphiql when route are secured? - Stack Overflow
If you're using the standalone GraphiQL app, there's an "Edit HTTP Headers" button at the top-right corner. Click that, click "+ Add Header" ......
Read more >Authentication and authorization - Apollo GraphQL Docs
The example below extracts a user token from the HTTP Authorization header included in each operation request. It then fetches the corresponding user...
Read more >Accessing GraphiQL over a JWT protected route in ExpressJS
4.1 Visit your protected GraphQL endpoint in Chrome. ... Step #3. Obtain a JWT token which can be used for authentication.
Read more >How To Use Graphiql When Graphql Protected By Jwt Token
There are different ways to handle authentication in a GraphQL from GitHub and copy the files from srcpart3 folder to the main src...
Read more >Everything you need to know about GraphQL Authentication ...
Authenticating GraphQL is quite simple. We make use of queries and mutations. For a user to have access he has to register first,...
Read more >
Top Related Medium Post
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I found a way to fix this problem. On Chrome, you can install an extention
ModHeaderhttps://chrome.google.com/webstore/detail/modheader/idgpnmonknjnojddfkpgkljpfnnfcklj which will allow you to modify request or response headers. In this way, you can send Authorization header with each request and graphiql will work fine.GraphiQL is generic and doesn’t know anything about the network! This is great because you can configure it to use whatever your GraphQL server uses. This is how @skevy was able to build a standalone app version of GraphiQL.
I suggest taking a look at the example - where you see
graphQLFetcheris where you can configure your network fetching however you like, in your case by including any authentication details that may be necessary.Often, when your GraphQL endpoint is behind a authorization feature like this, it is common to expose the GraphiQL tool via a different endpoint on your server.