A guide to authentication in GraphQL
Jonas Helfer
58017

Hi Jonas. Great post! I’m working on a spring boot app, and managed to configure security and session management with spring security. Now the “/graphql” endpoint is secured (it can be accessed only sending the “basic http authentication” or the session token in a http header of the request). Authenticating with “basic http authentication” will send back the session token, so that token can be used further, to continue that session.

My issue is that now I’d like to give access to anonymous (not authenticated) users to some graphql queries/mutations like “registration”.

Now I’m thinking to create a special user with his own credentials to play the role of anonymous, but this seams as a work around.

Do you have this issue when you handle the authentication in the web server? How do you solve anonymous access?

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.