Hasura Integration
Witboost uses Hasura to leverage GraphQL to perform read-only queries in certain cases (e.g. Marketplace module).
By default, Witboost builds a JWT token for each user that includes a set of Hasura claims. These claims are:
x-hasura-allowed-roles
: that is the list of allowed roles for the user i.e. acceptable values of thex-hasura-role
HTTP header. (See Hasura Authentication). This will be set to['admin']
by default.x-hasura-default-role
: indicating the default role for that user i.e. the role that will be used in case x-hasura-role header is not passed. (See Hasura Authentication). This will be set toadmin
by default.
If those settings are not desired, you can specify two properties inside the app-config.yaml
, so that Witboost will take them inside the JWT token.
Those properties are:
mesh.marketplace.hasuraClaims.x-hasura-default-role
mesh.marketplace.hasuraClaims.x-hasura-allowed-roles
See Configurations.
tip
Each user will take the same set of x-hasura-default-role
and x-hasura-allowed-roles
claims. Up to now it is not possible to differentiate the assignations.
The platform team can define permissions rules on the Hasura platform.
Rules follow a specific format. See Hasura documentation.