GraphQL
Learn how to configure your Hasura GraphQL Engine
CUE
// Configuration for hasura service #Hasura: { // Version of hasura, you can see available versions in the URL below: // https://hub.docker.com/r/hasura/graphql-engine/tags version: string | *"v2.33.4-ce" // JWT Secrets configuration jwtSecrets: [#JWTSecret] // Admin secret adminSecret: string // Webhook secret webhookSecret: string // Configuration for hasura services // Reference: https://hasura.io/docs/latest/deployment/graphql-engine-flags/reference/ settings: { // HASURA_GRAPHQL_CORS_DOMAIN corsDomain: [...#Url] | *["*"] // HASURA_GRAPHQL_DEV_MODE devMode: bool | *true // HASURA_GRAPHQL_ENABLE_ALLOWLIST enableAllowList: bool | *false // HASURA_GRAPHQL_ENABLE_CONSOLE enableConsole: bool | *true // HASURA_GRAPHQL_ENABLE_REMOTE_SCHEMA_PERMISSIONS enableRemoteSchemaPermissions: bool | *false // HASURA_GRAPHQL_ENABLED_APIS enabledAPIs: [...#HasuraAPIs] | *["metadata", "graphql", "pgdump", "config"] // HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL liveQueriesMultiplexedRefetchInterval: uint32 | *1000 // HASURA_GRAPHQL_STRINGIFY_NUMERIC_TYPES stringifyNumericTypes: bool | *false } authHook?: { // HASURA_GRAPHQL_AUTH_HOOK url: string // HASURA_GRAPHQL_AUTH_HOOK_MODE mode: "GET"|*"POST" // HASURA_GRAPHQL_AUTH_HOOK_SEND_REQUEST_BODY sendRequestBody: bool | *true } logs: { // HASURA_GRAPHQL_LOG_LEVEL level: "debug" | "info" | "error" | *"warn" } events: { // HASURA_GRAPHQL_EVENTS_HTTP_POOL_SIZE httpPoolSize: uint32 & >=1 & <=100 | *100 } // Resources for the service resources?: #Resources }
[hasura]
[hasura] version = '' adminSecret = 'adminsecret' webhookSecret = 'webhooksecret' [[hasura.jwtSecrets]] type = 'HS256' key = 'secret' [hasura.settings] corsDomain = ['*'] devMode = false enableAllowList = true enableConsole = true enableRemoteSchemaPermissions = true enabledAPIs = ['metadata'] liveQueriesMultiplexedRefetchInterval = 1000 stringifyNumericTypes = false [hasura.logs] level = 'warn' [hasura.events] httpPoolSize = 10 [hasura.resources] replicas = 1 [hasura.resources.compute] cpu = 500 memory = 1024
JWTSecret
#JWTSecret: ({ type: "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "Ed25519" | *"HS256" key: string } | { jwk_url: #Url | *null }) & { claims_format?: "stringified_json" | *"json" audience?: string issuer?: string allowed_skew?: uint32 header?: string } & { claims_map?: [...#ClaimMap] } & ({ claims_namespace: string | *"https://hasura.io/jwt/claims" } | { claims_namespace_path: string } | *{}) #ClaimMap: { claim: string { value: string } | { path: string default?: string } } & { }
# example 1 [[hasura.jwtSecrets]] type = 'HS256' key = 'secret' # example 2 [[hasura.jwtSecrets]] jwk_url = 'https:/....' # example 3 [[hasura.jwtSecrets]] jwk_url = "https://......" issuer = "https://my-auth-server.com" [[hasura.jwtSecrets.claims_map]] claim = "x-some-claim" value = "some-value" [[hasura.jwtSecrets.claims_map]] claim = "x-other-claim" path = "$.user.claim.id" default = "default-value"
Was this page helpful?