Restrict origins

We’re overhauling Dgraph’s docs to make them clearer and more approachable. If you notice any issues during this transition or have suggestions, please let us know.

To restrict origins of HTTP requests add lines starting with # Dgraph.Allow-Origin at the end of your GraphQL schema specifying the origins allowed.

For example, the following restricts all origins except the ones specified.

# Dgraph.Allow-Origin "https://example.com"
# Dgraph.Allow-Origin "https://www.example.com"

CORS restrictions only apply to browsers.

By default, the /graphql endpoint doesn’t limit the request origin (Access-Control-Allow-Origin: *).

Authorization tips ABAC Rules

We’re overhauling Dgraph’s docs to make them clearer and more approachable. If you notice any issues during this transition or have suggestions, please let us know.

To restrict origins of HTTP requests add lines starting with # Dgraph.Allow-Origin at the end of your GraphQL schema specifying the origins allowed.

For example, the following restricts all origins except the ones specified.

# Dgraph.Allow-Origin "https://example.com"
# Dgraph.Allow-Origin "https://www.example.com"

CORS restrictions only apply to browsers.

By default, the /graphql endpoint doesn’t limit the request origin (Access-Control-Allow-Origin: *).

Authorization tips ABAC Rules

Restrict origins

Getting Started

Connecting

Query Language

GraphQL-based Development

Administration

Tools

Resources

Restrict origins