Disable GraphQL Introspection

Available on: Cloud Free, Cloud Professional, Cloud Enterprise, Self-Hosted Enterprise

Introduction

The GraphQL Engine by default enables GraphQL Schema Introspection which gives full information about the schema and may not be desired in production.

To avoid this, you can disable GraphQL introspection on a per-role basis.

Disabling GraphQL introspection for a role

Introspection can be disabled by navigating to the Security tab, selecting Schema Introspection and modifying or adding the role you wish to disable introspection for.