Disable GraphQL Introspection
The GraphQL Engine by default enables GraphQL Schema Introspection which gives full information about the schema and may not be desired in production.
To avoid this, you can disable GraphQL introspection on a per-role basis.
Disabling GraphQL introspection for a role
Introspection can be disabled by navigating to the
Security tab, selecting
Schema Introspection and modifying or
adding the role you wish to disable introspection for.