Skip to main content

Hasura Integration

Witboost uses Hasura to leverage GraphQL to perform read-only queries in certain cases (e.g. Marketplace module).

By default, Witboost builds a JWT token for each user that includes a set of Hasura claims. These claims are:

  • x-hasura-allowed-roles: that is the list of allowed roles for the user i.e. acceptable values of the x-hasura-role HTTP header. (See Hasura Authentication). This will be set to ['admin'] by default.
  • x-hasura-default-role: indicating the default role for that user i.e. the role that will be used in case x-hasura-role header is not passed. (See Hasura Authentication). This will be set to admin by default.

If those settings are not desired, you can specify two properties inside the app-config.yaml, so that Witboost will take them inside the JWT token.

Those properties are:

  • mesh.marketplace.hasuraClaims.x-hasura-default-role
  • mesh.marketplace.hasuraClaims.x-hasura-allowed-roles

See Configurations.

tip

Each user will take the same set of x-hasura-default-role and x-hasura-allowed-roles claims. Up to now it is not possible to differentiate the assignations.

The platform team can define permissions rules on the Hasura platform.

Rules follow a specific format. See Hasura documentation.