Service
Service config allows you to configure global (system) service settings, related to overall Inigo agent operability. Service configuration allows Inigo’s users to apply fine-grianed authorization and access controls. Not all clients are the same; you may have authenticated and unauthenticated clients using your application. Using the access control capabilities of Inigo, you can enforce strong authorization controls depending on the context of your clients.
This section defines the format of Inigo’s Service
type configuration files. Fields marked as required
must be specified if the parent is defined.
Spec
Field | Type | Description |
---|---|---|
path_trace_id | string | Path to the Trace ID header. Inigo can fetch the trace id from a header, ctx, or jwt. In each case prefix the path with the corresponding source. For example: “header.TRACE_ID” |
path_user_profile | string | Path to a user profile header. For JWT headers, you can use jwt.user_profile or jwt.<some_path_to_user_profile_key> . |
path_user_role | string | Path to a user role header. For JWT headers, you can use jwt.roles or jwt.<some_path_to_user_roles_key> . |
path_user_id | string | Path to a user ID header. For JWT headers, you can use jwt.user_id or jwt.<some_path_to_user_id_key> . |
path_client_info | string | Path to the client version header. |
path_client_address | string | Path to get the client address. Inigo can fetch the client address from headers only. If not provided agent will attempt to get data from the headers in the following sequence: 1. x-real-ip 2. x-forwarded-for |
introspection_query_file | string | |
introspection_header | object | |
polling_interval_schema | int | Interval (in seconds) to poll the GraphQL schema from the application. |
polling_interval_profile | int | Interval (in seconds) to poll new configurations. |
enable_extensions_output | boolean | Enable the exposure of the GraphQL extensions response key. |
anonymous_profile | string | Name of an anonymous profile. |
anonymous_roles | [string] | List of roles that are considered anonymous. |
schema_files | [string] | Relative path to the filesystem location of your files containing GraphQL schemas. For example: ../../schemas/prod.graphql . |
reduct_extension_output | [string] | List of extensions JSON keys to reduce from the response. |
failure_mode | string default:open | Default action to take upon failure mode. One of: - open : Pass failed requests to the service.- block : Blocks failed requests from reaching the service.- query_only : Blocks failed requests from reaching the service. |