Settings

Below you can find the official schema (cue) and an example to configure your graphql service:

schema
toml

// Configuration for hasura service
#Hasura: {
    // Version of hasura, you can see available versions in the URL below:
    // https://hub.docker.com/r/hasura/graphql-engine/tags
    version: string | *"v2.33.4-ce"

    // JWT Secrets configuration
    jwtSecrets: [#JWTSecret]

    // Admin secret
    adminSecret: string

    // Webhook secret
    webhookSecret: string

    // Configuration for hasura services
    // Reference: https://hasura.io/docs/latest/deployment/graphql-engine-flags/reference/
    settings: {
        // HASURA_GRAPHQL_CORS_DOMAIN
        corsDomain: [...#Url] | *["*"]
        // HASURA_GRAPHQL_DEV_MODE
        devMode: bool | *true
        // HASURA_GRAPHQL_ENABLE_ALLOWLIST
        enableAllowList: bool | *false
        // HASURA_GRAPHQL_ENABLE_CONSOLE
        enableConsole: bool | *true
        // HASURA_GRAPHQL_ENABLE_REMOTE_SCHEMA_PERMISSIONS
        enableRemoteSchemaPermissions: bool | *false
        // HASURA_GRAPHQL_ENABLED_APIS
        enabledAPIs: [...#HasuraAPIs] | *["metadata", "graphql", "pgdump", "config"]

        // HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL
        liveQueriesMultiplexedRefetchInterval: uint32 | *1000
    }

    logs: {
        // HASURA_GRAPHQL_LOG_LEVEL
        level: "debug" | "info" | "error" | *"warn"
    }

    events: {
        // HASURA_GRAPHQL_EVENTS_HTTP_POOL_SIZE
        httpPoolSize: uint32 & >=1 & <=100 | *100
    }

    // Resources for the service
    resources?: #Resources
}

[hasura]
version = ''
adminSecret = 'adminsecret'
webhookSecret = 'webhooksecret'

[[hasura.jwtSecrets]]
type = 'HS256'
key = 'secret'

[hasura.settings]
corsDomain = ['*']
devMode = false
enableAllowList = true
enableConsole = true
enableRemoteSchemaPermissions = true
enabledAPIs = ['metadata']
liveQueriesMultiplexedRefetchInterval = 1000

[hasura.logs]
level = 'warn'

[hasura.events]
httpPoolSize = 10

[hasura.resources]
replicas = 1

[hasura.resources.compute]
cpu = 500
memory = 1024

JWT Secret

All formats supported by hasura should be supported:

schema
toml

#JWTSecret:
    ({
        type: "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "Ed25519" | *"HS256"
        key:  string
    } |
    {
        jwk_url: #Url | *null
    }) &
    {
        claims_format?: "stringified_json" | *"json"
        audience?:      string
        issuer?:        string
        allowed_skew?:  uint32
        header?:        string
    } & {
        claims_map?: [...#ClaimMap]

    } &
    ({
        claims_namespace: string | *"https://hasura.io/jwt/claims"
    } |
    {
        claims_namespace_path: string
    } | *{})

#ClaimMap: {
    claim: string
    {
        value: string
    } | {
        path:     string
        default?: string
    }
} & {
}

# example 1
[[hasura.jwtSecrets]]
type = 'HS256'
key = 'secret'

# example 2
[[hasura.jwtSecrets]]
jwk_url = 'https:/....'

# example 3
[[hasura.jwtSecrets]]
jwk_url = "https://......"
issuer = "https://my-auth-server.com"

[[hasura.jwtSecrets.claims_map]]
claim = "x-some-claim"
value = "some-value"

[[hasura.jwtSecrets.claims_map]]
claim = "x-other-claim"
path = "$.user.claim.id"
default = "default-value"

JWT Secret​

JWT Secret