You can specify a list of safe operations (GraphQL queries, mutations or subscriptions) for your project. This list restricts your project's GraphQL Engine to execute only queries that are present in the list.
Manage the allow list
The manager view offers inspection, export, or removal of operations in the allow list:
Quick-create allowed operations
This Pro feature lets you add to the allow list with one click from the record of past operations. (With Core, allow lists must be managed manually).