Connecting Remotely
You might sometimes need to connect to your GraphQL endpoint (typically accessible at http://yourapp.com/graphql
) from outside your app.
API Key
You can make authorized requests to your GraphQL endpoint by defining an arbitrary vulcan.apiKey
setting in your settings.json
file (make sure to keep it private by keeping it out of the public
block), and then including an apikey
header whose value matches that API key:
1 | { |
Any request made with that header will automatically be granted admin privileges.
Authenticating as a User
Another way to perform remote API queries and mutations with special privilages is to emulate one of your app’s users. You can do so by reusing their authorization token.
To figure out the token, log in as the user you want to emulate and inspect any graphql
request using your devtools’ Network tab. In the Headers tab, locate the Authorization
field of the Request Headers group and make a note of its value.
This is the header and token you’ll need to set when making your API call to the GraphQL endpoint. You can test it using a tool such as GraphQL Playground
.
In GraphQL Playground, select the “HTTP Headers” tab and type in (replacing the value with your own token):
1 | { "Authorization": "JKdsfahyvfHvsdf234s59pNbHGH7Z2fadsdrfCmR8WimItX" } |
GraphQL Clients
You can send your GraphQL request as a plain text string (inspect the Request Payload object in your devtools’ Network tab to see what that looks like) or you can use a GraphQL client to perform the request.
Here are a few options:
- Ruby: graphql-client
- Node: graphql-request
- iOS: apollo-ios
- Android: apollo-android