Skip to main content
Version: v2.x

Enable HTTPS

Setting up HTTPS

Hasura GraphQL engine does not handle SSL/TLS for your API. That means, Hasura GraphQL engine cannot serve your API on an HTTPS URL.

You should use a reverse proxy (like Nginx, Caddy, Kong, Traefik etc.) or the cloud provider's native load balancer SSL termination features to secure your API.

Sample configurations

Here are a few sample configurations for some popular proxies:

Nginx

Here is a sample nginx.conf to proxy requests to Hasura:

server {
listen 80;
listen 443 ssl;
server_name hasura.<my-domain.com>;

location / {
proxy_pass http://localhost:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

Please note that setting up SSL is not covered in this guide. You can find more information at Nginx docs.

To serve Hasura with a URL prefix instead of a separate subdomain, use location /hasura/ or similar.

Caddy

Here is a sample Caddyfile to proxy requests to Hasura:

hasura.<my-domain.com> {
reverse_proxy localhost:8080
}

Caddy has TLS provisioning built-in with Let's Encrypt or ZeroSSL. You can find the docs at Caddy website.

In order to serve at a URL prefix, use the following configuration:

<my-domain.com> {
handle_path /hasura* {
reverse_proxy localhost:8080
}

handle {
# Fallback for otherwise unhandled requests
}
}