Backend>Questions

What's the recommended approach for securing GraphQL APIs?

conradwt

conradwt

What's the recommended approach for securing GraphQL APIs?

Hi, I’m building an application that will have support for both the web and mobile. At this time, I’m using PhxGenAuth for authentication on the web. However, it appears that there’s no out-of-the-box support for API authentication.

Thus, I was wondering, what’s the recommended approach for securing GraphQL APIs these days? From the book “Craft GraphQL APIs in Elixir with Absinthe”, it appears that JWTs is a good solution to go with for now.

Finally, are there any recommended Hex authentication packages that support both session and API authentication?

1 comment
#community/phoenix/book-craft-graphql-apis-in-elixir-with-absinthe#graphql
6 1241 1

Most Liked

OvermindDL1

OvermindDL1

A header token or a token passed in the message directly are the two ways I most often see.

3
Post #3

Where Next?

View thread on forum
View Craft Graphql Apis In Elixir With Absinthe's book portal
Post errata for this book
Post a suggestion for this book
Post a question about this book
Post a review about this book
phoenix
community
graphql
Home Backend>Questions
#community/phoenix/book-craft-graphql-apis-in-elixir-with-absinthe#graphql
6 1241 1
Last post

Popular Backend topics Top

pillaiindu
Backend>Questions

Do you recommend AWS Amplify for a small scale Uber clone?
Cross posting from HashNode. A friend of mine is creating Uber-like app for a small company with 200 to 1000 cars. The app will operate ...
#aws-amplify#aws-lambda
13 1554 6
New
Kurisu
Backend>Questions

I'm curious if I can have a feature like Elixir/Phoenix umbrella project when using Ruby On Rails
Following on an old discussion I started on Elixir Forum here, I finally made my mind to learn Ruby on Rails in addition to Elixir/Phoen...
/elixir/ruby/rails/phoenix
20 1834 9
New
s2k
Backend>Questions

An ERB/bundler behaviour I don't understand
I have this code in a file that’s used to … render templates. require 'erb' require 'ostruct' MISSING_CONFIG_MARKER = :config_key_and_v...
/ruby
11 1282 4
New
sampu
Backend>Questions

Keep Alive data packets configuration with Spring Webflux endpoint
I have a use case where a client is invoking a Rest endpoint via a load balancer, which in turn invokes a third party endpoint which is r...
#keep-alive
5 1851 1
New
Fl4m3Ph03n1x
Backend>Questions

Is there a way to have Elixir Records without default values?
Background I am trying to find a cheap and easy way to create New Types in Elixir, and Records seem to be just what I would need. Probl...
/elixir
10 1030 2
New
GermaVinsmoke
Backend>Questions

Does anyone know beginner friendly Elixir/Phoenix Open source projects?
Does anyone know beginner friendly Elixir/Phoenix Open source projects? For learning purpose :slightly_smiling_face:
/elixir/phoenix
4 964 2
New
sona11
Backend>Questions

Java equals() selection
In Java, if I try to do.equals() on a null string, a null pointer error is issued. I’m wondering whether I can perform the following if I...
/java
4 1002 3
New
Manish_bose
Backend>Questions

Convert long data to wide data in SQL?
Can anyone help me how to convert a long data to wide data in SQL without using hard coding? Regards Manish
#sql
7 859 2
New
Fl4m3Ph03n1x
Backend>Questions

Cannot compile ssl_verify_fun in Windows 11 for Elixir
Background I have a phoenix application in Windows 11. Unfortunately for me, I cannot compile the application because of a dependency err...
/elixir/phoenix
4 1342 2
New
pillaiindu
Backend>Questions

What is the difference between using `:references` and `:belongs_to` in a generate command in Rails?
What is the difference between using :references and :belongs_to in the following command? bin/rails generate scaffold LineItem product:...
/ruby/rails
5 660 2
New

Other popular topics Top

Devtalk
General Dev>Dev Chat

What dev-related stuff have you been up to?
Reading something? Working on something? Planning something? Changing jobs even!? If you’re up for sharing, please let us know what you’...
#community
1037 19435 386
New
AstonJ
General Dev>Hardware

Keyboard thock (sound)
I’ve been hearing quite a lot of comments relating to the sound of a keyboard, with one of the most desirable of these called ‘thock’, he...
/keyboards#mechanical-keyboards
14 9747 8
New
AstonJ
General Dev>Dev Chat

How fast do you type? Check your WPM here!
Do the test and post your score :nerd_face: :keyboard: If possible, please add info such as the keyboard you’re using, the layout (Qw...
typing-speed-test.aoeu.eu
/keyboards
82 7310 31
New
DevotionGeo
General Dev>Dev Chat

The V Programming Language
The V Programming Language Simple language for building maintainable programs V is already mentioned couple of times in the forum, but I...
#programminguages/v
21 12589 7
New
Margaret
General Dev>Sales

Get 50% off these PragProg books during our Think Again Sale
Think Again 50% Off Sale » The theme of this sale is new perspectives on familiar topics. Enter coupon code ThinkAgain2021 at checkout t...
#community#pragprog/elixir/book-a-common-sense-guide-to-data-structures-and-algorithms-second-edition/book-programming-machine-learning/book-the-ray-tracer-challenge/book-forge-your-future-with-open-source/book-software-design-x-rays#algorithms/book-testing-elixir#machine-learning#sale/book-concurrent-data-processing-in-elixir/book-intuitive-python
8 6210 2
New
PragmaticBookshelf
Community>In The Spotlight

Spotlight: James Stanier (Author) Interview and AMA!
Author Spotlight James Stanier @jstanier James Stanier, author of Effective Remote Work , discusses how to rethink the office as we e...
#pragprog#remote/book-effective-remote-work
29 4305 12
New
PragmaticBookshelf
Community>In The Spotlight

Spotlight: Erin Dees (Author) Interview and AMA!
Author Spotlight Erin Dees @undees Welcome to our new author spotlight! We had the pleasure of chatting with Erin Dees, co-author of ...
#author-spotlight/ruby/rails/book-effective-testing-with-rspec-3/book-seven-more-languages-in-seven-weeks/book-cucumber-recipes#rspec
24 3863 11
New
CommunityNews
General Dev>In The News

X can’t stop spread of explicit, fake AI Taylor Swift images
Will Swifties’ war on AI fakes spark a deepfake porn reckoning?
arstechnica.com
/swift
0 7404 0
New
PragmaticBookshelf
Backend>Learning Resources

Ash Framework
Explore the power of Ash Framework by modeling and building the domain for a real-world web application. Rebecca Le @sevenseacat and ...
pragprog.com
#pragprog/elixir#published-book/ash/book-ash-framework
15 5191 9
New
PragmaticBookshelf
Backend>Learning Resources

Simplicity
Fight complexity and reclaim the original spirit of agility by learning to simplify how you develop software. The result: a more humane a...
pragprog.com
#pragprog#published-book/book-simplicity
10 4288 8
New
Back to top

Sponsor Spotlight

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Latest in Craft GraphQL APIs in Elixir with Absinthe

Craft GraphQL APIs in Elixir with Absinthe Portal

Latest in Phoenix

Phoenix Portal

Backend>Questions

Backend Questions

Latest on Devtalk

Devtalk

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Member of the Month

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Honeybadger

Real-time error tracking, performance insights, and observability for devs.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Honeybadger

Real-time error tracking, performance insights, and observability for devs.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

We're in Beta

About us Mission Statement See our Roadmap