Skip to main content
Version: v2.x

Secure the GraphQL Endpoint

To make sure that your GraphQL endpoint and the Hasura Console are not publicly accessible, you need to configure an admin secret key.

Depending on your deployment method, follow one of these guides to configure an admin secret key, and prevent public access to your GraphQL endpoint and the Hasura Console:

Note

If you're looking at adding access control rules for your data to your GraphQL API then head to Authentication / access control. You can also find more information about Hasura security in general here and best practices here.