Hasura GraphQL API Explorer
TL;DR
Browse, query, mutate, and subscribe to any GraphQL endpoint with our free, full-featured, in-browser GraphiQL app without having to log into Hasura.
Introduction
The Hasura GraphQL API Explorer is a free and full-featured GraphiQL UI which is able to query, mutate, or subscribe to any GraphQL endpoint.
You're able to use this feature to share and test an API endpoint with anyone who has the public URL.
The API Explorer replaces Hasura's legacy GraphQL API exploration tool, GraphQL Online.
Try out a public GraphQL API
From the API Explorer landing page, you can use the quick links on the left of the page to try out some existing public GraphQL APIs including SpaceX, GitHub, or GraphQL Jobs.
For the GitHub GraphQL API you can generate an API token for yourself here. Once
generated, replace the <enter your token here> placeholder in the Authorization header with your token to gain
access.
Connect to any GraphQL API
You can use the Hasura GraphQL API Explorer to connect to any publicly available GraphQL endpoint. Add your endpoint URL to the endpoint field and click "Connect to Endpoint".
Once connected you are able to add any headers you may need to provide authentication or other parameters to the endpoint.
Testing a Hasura Cloud project
Using the GraphQL API Explorer to test a Hasura Cloud project with public access requires only two pieces of
configuration for the project. Most importantly, you must set up unauthenticated access user roles. You can achieve this
by creating an anonymous role with the respective permissions.
Read more here for detailed
steps.
The other piece of configuration is setting the HASURA_GRAPHQL_UNAUTHORIZED_ROLE environment variable to anonymous.
Read more on how to set up
unauthenticated/public access user roles.
The Hasura Cloud Project GraphQL API is publicly sharable, to allow users to access it without authentication. Navigate to the project settings to find the public, sharable URL.
If an admin secret is configured for your Hasura Project, Hasura GraphQL Engine will automatically reject unauthenticated requests. In this case, for the project to be publicly accessible, the admin secret has to be passed as a header in the GraphiQL interface under the Request Headers section. Be careful not to leak a production admin secret publicly.
Shareable URL construction
Here are the supported, optional, configuration options which can be passed as URL query parameters to create a shareable URL to the GraphQL Explorer. These must be http URL encoded.
| Parameter | Description |
|---|---|
| endpoint | URL pointing to a GraphQL service. |
| header | HTTP header to be supplied with requests. Multiple headers can be given by repeating the header param. |
Example:
https://cloud.hasura.io/public/graphiql?header=content-type:application/json&header=Authorization:bearer%20%3Center%20your%20token%20here%3E&endpoint=https://api.github.com/graphql
The header content-type is set to application/json by default if not provided in the URL.
