There should be caution regarding uses such features after the trial license expires: https://dgraph.io/docs/enterprise-features/
If you need login w/o the enterprise features, then you’ll need to use a reverse proxy in front on the Dgraph Alpha service endpoint or apart of that endpoint.
Another complimentary solution would be to use mutual TLS where the client submits a client certificate that allows access. If you do this directly to the Dgraph Alpha nodes, the docs are at: https://dgraph.io/docs/deploy/tls-configuration/. This will be a high level of complexity if you never set this up before.
In Kubernetes space, there’s a few service meshes that can do the Mutual TLS automatically, but for Docker Swarm, I am not sure, maybe Hashicorp’s Consul (https://www.consul.io/).
Adding some more, another reverse proxy that is popular w/ with Fabio (https://fabiolb.net/) and of course nginx. For oauth2 proxy there’s Oauth2 Proxy.
I mention the reverse-proxy - load balancer part is because this: if you have 3 dgraph alpha nodes for example, you’ll need a reverse proxy + load balancer to send traffic to one of three nodes, so that the traffic is distributed and you have high availability.