Access
Access configuration allows Inigo’s users to apply fine-grained authorization and access controls. Not all clients are the same; you may have authenticated and unauthenticated clients using your application. Using the access control capabilities of Inigo, you can enforce strong authorization controls depending on the context of your clients.
This section defines the format of Inigo’s Access
type configuration files. Fields marked as required
must be specified if the parent is defined.
Spec
Field | Type | Description |
---|---|---|
profile_default_values | AccessProfileDefaultValues | |
profiles | [AccessProfile] | |
role_default_values | AccessRoleDefaultValues | |
roles | [AccessRole] |
AccessProfileDefaultValues
Field | Type | Description |
---|---|---|
introspection_mode | string default:full | Introspection mode policy for the given profile. One of: - full - partial - block |
AccessProfile
Field | Type | Description |
---|---|---|
Name | string required | Name of the profile. |
introspection_mode | string default:full | Introspection mode policy for the given profile. One of: - full - partial - block |
AccessRoleDefaultValues
Field | Type | Description |
---|---|---|
full_access | boolean | Grants full schema access to the role. This setting takes presedence and over any access configuration files. |
allowed_operations | [string] | Relative path to the filesystem location of your files containing allowed operations. For example: allowed_operations/viewer.graphql |
config_files | [string] | Relative path to the filesystem location of your access files. For example: access_files/viewer.inigo. |
operation_files | [string] |
AccessRole
Field | Type | Description |
---|---|---|
Name | string required | Name of the role. |
full_access | boolean | Grants full schema access to the role. This setting takes presedence and over any access configuration files. |
allowed_operations | [string] | Relative path to the filesystem location of your files containing allowed operations. For example: allowed_operations/viewer.graphql |
config_files | [string] | Relative path to the filesystem location of your access files. For example: access_files/viewer.inigo. |
operation_files | [string] |