Skip to Content

Configure App Security

Published: 2022-05-23

Enable the GraphQL Endpoint#

In some situations, e.g. during a migration, you might want to directly expose a GraphQL API from WunderGraph. In this case, you're not leveraging the advanced security from WunderGraph. Your GraphQL API is not hidden behind the multiple layers of security of WunderGraph.

Keep in mind that in this scenario, you have to take care of securing the API yourself.

configureWunderGraphApplication({
security: {
enableGraphQLEndpoint: false,
}
});

Allow additional Hosts#

When publicly exposing a WunderGraph API, the publicly available Hostname might differ from the local listenPath. E.g. your app might be listening on localhost:9991 (default) but your publicly available hostname is example.com. In this scenario, without any additional configuration, the WunderGraph Server would return a 404, Not Found. This is because the WunderGraph Router uses the hostname to identify your application and only knows about localhost:9991.

You can allow additional Hosts by adding them to the security section of the configureWunderGraphApplication in your wundergraph.config.ts file.

configureWunderGraphApplication({
security: {
allowedHosts: ["example.com"]
}
});

Product

Comparisons

Subscribe to our newsletter!

Stay informed when great things happen! Get the latest news about APIs, GraphQL and more straight into your mailbox.

© 2022 WunderGraph