You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have private token for privileged calls in server functions, public token to unauthenticated calls on a frontend which can be upgraded to user's personal token by login.
All this is for single API, just different permissions.
Introspection needs to use private token to see whole schema (public tokens see only entities and mutations they have access to). SSR needs to receive public token unless user's token was received in cookie.
Your use case
I have private token for privileged calls in server functions, public token to unauthenticated calls on a frontend which can be upgraded to user's personal token by login.
All this is for single API, just different permissions.
Introspection needs to use private token to see whole schema (public tokens see only entities and mutations they have access to). SSR needs to receive public token unless user's token was received in cookie.
The solution you'd like
Client config like:
or:
Possible alternatives
Currently I have to write a lot of custom logic in a gql:auth:init hook.
Additional information
No response
The text was updated successfully, but these errors were encountered: