Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Access

Access configuration allows Inigo’s users to apply fine-grained authorization and access controls. Not all clients are the same; you may have authenticated and unauthenticated clients using your application. Using the access control capabilities of Inigo, you can enforce strong authorization controls depending on the context of your clients.


This section defines the format of Inigo’s Access type configuration files. Fields marked as required must be specified if the parent is defined.

Spec

Field Type Description
profile_default_values AccessProfileDefaultValues  
profiles [AccessProfile]  
role_default_values AccessRoleDefaultValues  
roles [AccessRole]  

AccessProfileDefaultValues

Field Type Description
introspection_mode string default:full Introspection mode policy for the given profile.

One of:
- full
- partial
- block

AccessProfile

Field Type Description
Name string required Name of the profile.
introspection_mode string default:full Introspection mode policy for the given profile.

One of:
- full
- partial
- block

AccessRoleDefaultValues

Field Type Description
full_access boolean Grants full schema access to the role. This setting takes presedence and over any access configuration files.
allowed_operations [string] Relative path to the filesystem location of your files containing allowed operations.

For example: allowed_operations/viewer.graphql
config_files [string] Relative path to the filesystem location of your access files.

For example: access_files/viewer.inigo.
operation_files [string]  

AccessRole

Field Type Description
Name string required Name of the role.
full_access boolean Grants full schema access to the role. This setting takes presedence and over any access configuration files.
allowed_operations [string] Relative path to the filesystem location of your files containing allowed operations.

For example: allowed_operations/viewer.graphql
config_files [string] Relative path to the filesystem location of your access files.

For example: access_files/viewer.inigo.
operation_files [string]