Skip to main content

Securing GraphQL

Squid Cloud provides the @secureGraphQL decorator, which allows you to protect your GraphQL integrations. This decorator enables you to easily control access to your GraphQL endpoints, ensuring that only authorized users can access your data and resources.

When you use the @secureGraphQL decorator, the decorated function accepts a parameter of type GraphqlContext. This provides the full context of the GraphQL query, including the actual query, variables, operation name, and more.

Backend code
import { secureGraphQL, SquidService } from '@squidcloud/backend';
import { GraphqlContext } from '@squidcloud/client';

export class ExampleService extends SquidService {
@secureGraphQL('usersGraphQl')
secureUsersGraphQl(context: GraphqlContext): boolean {
// TODO - Implement your security logic here
}
}