conradwt

conradwt

What's the recommended approach for securing GraphQL APIs?

Hi, I’m building an application that will have support for both the web and mobile. At this time, I’m using PhxGenAuth for authentication on the web. However, it appears that there’s no out-of-the-box support for API authentication.

Thus, I was wondering, what’s the recommended approach for securing GraphQL APIs these days? From the book “Craft GraphQL APIs in Elixir with Absinthe”, it appears that JWTs is a good solution to go with for now.

Finally, are there any recommended Hex authentication packages that support both session and API authentication?

Most Liked

OvermindDL1

OvermindDL1

A header token or a token passed in the message directly are the two ways I most often see.

Where Next?

Popular Backend topics Top

Jsdr3398
I’m trying to create a router where everything is in a collection of routes (similar to how I do my routes in expressjs). But it doesn’t ...
New
New
TwistingTwists
Hello Folks, I am a novice developer from India. Intending to learn Elixir and web apps (phoenix framework). What are things that I MUS...
New
Ora2pgnewbie
Wanted to check if there is a UI available to use Ora2pg tool.
New
Fl4m3Ph03n1x
Background I am a fan of dialyzer and friends (looking at Gradient) and I try to have sepcs in my code as much as I can. To this end, I a...
New
sona11
If isReachable throws an IOException in Java, what is the right step to do and why? The application, I believe, should halt the process ...
New
Fl4m3Ph03n1x
Background When trying to execute mix release on a Windows 11 machine for a Phoenix project I get the following error: * assembling mark...
New
pillaiindu
Currently reading the book “Programming Phoenix LiveView”. At the end of the Chapter 1, I’m trying to solve the guess game. If the user ...
New
harwind
I have a large SQL database with millions of records, and I’ve identified duplicate entries. What’s the most efficient way to find and re...
New
Patricia-Mendes13
Hi guys!! I´m studying and got a Full stack course but the course lacked a lot of support and and info to learn as it´s a course after wo...
New

Other popular topics Top

New
PragmaticBookshelf
Brace yourself for a fun challenge: build a photorealistic 3D renderer from scratch! In just a couple of weeks, build a ray tracer that r...
New
AstonJ
If you are experiencing Rails console using 100% CPU on your dev machine, then updating your development and test gems might fix the issu...
New
PragmaticBookshelf
Use WebRTC to build web applications that stream media and data in real time directly from one user to another, all in the browser. ...
New
mafinar
This is going to be a long an frequently posted thread. While talking to a friend of mine who has taken data structure and algorithm cou...
New
PragmaticBookshelf
Author Spotlight: Peter Ullrich @PJUllrich Data is at the core of every business, but it is useless if nobody can access and analyze ...
New
New
First poster: AstonJ
Jan | Rethink the Computer. Jan turns your computer into an AI machine by running LLMs locally on your computer. It’s a privacy-focus, l...
New
PragmaticBookshelf
Get the comprehensive, insider information you need for Rails 8 with the new edition of this award-winning classic. Sam Ruby @rubys ...
New
Margaret
Ask Me Anything with Mark Volkmann @mvolkmann On February 24 and 25, we are giving you a chance to ask questions of PragProg author M...
New