Support for authentication via OAuth / OpenID Connect

This has been discussed in #59 but with less scope than outlined below.

The Insomnia REST client has native support for authenticating with the GraphQL server via OAuth 2.0, and therefore also OpenID Connect. It will also (automatically) refresh an access token if it has expired.

This has a number of advantages:

  • The process of acquiring an access / refresh token is baked into the client, and only requires the user to enter authentication details - right now, an access token needs to be acquired elsewhere, and added to each request via an Authorization header.
  • A GraphQL server which issues short-lived access tokens can be seamlessly supported by automatically refreshing any access token that has expired.

Could GraphiQL support this?

I’d love to be able to use GraphiQL but the second point in particular is a dealbreaker for me. As it currently stands, access tokens on my GraphQL server expire after 60 mins, and so every hour I would need to manually acquire an access token and set it in GraphiQL to continue using it.

Issue Analytics

  • State: closed
  • Created 3 years ago
  • Comments: 5 (3 by maintainers)

Top GitHub Comments

1 reaction
acao commented, Jan 26, 2021

https://github.com/graphql/graphiql/issues/1771#issuecomment-765001323 to get you started

This project is mostly used by customized frameworks, and by projects like Insomnia who use our LSP libraries. I’m pretty much the only recurring contributor, so there is no time to support such a thing. I’m available for paid consulting if you need more help with it, but most frontend devs can figure this one out it seems! I’ve worked at a handful of companies where they implemented an auth flow with GraphiQL themselves.

0 reactions
fiznool commented, Jan 26, 2021

No problem, thank you for taking the time to reply and point me in the right direction. 🙂
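
The thread leaves the auth flow to whoever embeds GraphiQL. As an added example (not code from the issue or from the GraphiQL project), here is a function for GraphiQL's `fetcher` prop that obtains an access token with the OAuth 2.0 refresh-token grant, renews it shortly before expiry, and retries once on a 401. The option names, the URLs passed in, and the injectable `fetchImpl` and `now` are assumptions made for illustration.

```javascript
// Added example: a GraphiQL-compatible fetcher with OAuth 2.0 token refresh.
// Option names and the injectable fetchImpl/now are assumptions, not GraphiQL API.
function createOAuthFetcher({ graphqlUrl, tokenUrl, clientId, refreshToken,
                              fetchImpl = fetch, now = Date.now, skewMs = 30000 }) {
  let accessToken = null; // held in memory only, never written to localStorage
  let expiresAt = 0;      // epoch milliseconds at which accessToken expires
  let inFlight = null;    // shared promise so concurrent queries refresh once

  async function refresh() {
    const res = await fetchImpl(tokenUrl, {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: new URLSearchParams({
        grant_type: 'refresh_token', refresh_token: refreshToken, client_id: clientId,
      }).toString(),
    });
    if (!res.ok) throw new Error(`token refresh failed: HTTP ${res.status}`);
    const body = await res.json();
    accessToken = body.access_token;
    expiresAt = now() + body.expires_in * 1000;
    // Servers that rotate refresh tokens return a new one; the old one is then invalid.
    if (body.refresh_token) refreshToken = body.refresh_token;
  }

  function ensureToken(force) {
    if (!force && accessToken && now() < expiresAt - skewMs) return Promise.resolve();
    if (!inFlight) inFlight = refresh().finally(() => { inFlight = null; });
    return inFlight;
  }

  function send(graphQLParams) {
    return fetchImpl(graphqlUrl, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${accessToken}` },
      body: JSON.stringify(graphQLParams),
    });
  }

  // GraphiQL calls the fetcher with { query, variables, operationName }.
  return async function fetcher(graphQLParams) {
    await ensureToken(false);
    let res = await send(graphQLParams);
    if (res.status === 401) { // token revoked or clock drift: refresh once, retry once
      await ensureToken(true);
      res = await send(graphQLParams);
    }
    return res.json();
  };
}
```

Pass the returned function as the `fetcher` prop of the GraphiQL component. The initial refresh token has to come from an authorization flow (authorization code with PKCE for a browser client) that this example does not cover.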
