Dgraph Security Control

MichelDiz · March 23, 2023, 2:19am

Options for the community version:

You can use TLS Configuration - Deploy - With TLS only those clients with the cert will be able to access.

You can also set a token

--security string            Security options
 token=; If set, all Admin requests to Dgraph will need to have this token. 
The token can be passed as follows: for HTTP requests, in the X-Dgraph-AuthToken header. 
For Grpc, in auth-token key in the context.

With this all clients have to pass that token(custom token, AKA Poor Man’s ACL)

You are trying to execute a GraphQL mutation in Ratel. Ratel does not support GraphQL. Hence the error. You should the Admin run query/mutation it via cURL or a GraphQL client.

Important

Never expose your database in public. Always create an API and put it behind a firewall. Your back-end should be the one that controls the DB access.

No, ACL is EE.

If you are confused by the Login part in Ratel. Don’t worry, you don’t need to log in to the community version.

Topic		Replies	Views
ACL Needed Dgraph	2	684	January 2, 2022
Whether Dgraph supports account password login Dgraph faq	7	939	June 17, 2020
How to set Dgraph server account password access Dgraph mutation	2	1096	July 1, 2020
Access Control Lists - Enterprise features Documentation	0	636	August 28, 2020
How is dgraph protected? Dgraph kind:question	6	674	March 13, 2021

Dgraph Security Control

Important

Related topics