GraphQL subscription authentication

How to authenticate graphql subscription

Hi everyone,

I have a problem testing graphql subscriptions. Our APIs are protected (https/wss) and on connection start the initial message must have a JWT token, otherwise the server rejects the subscription request.

With the graphql-ws protocol a client has the possibility to send an initial message with an arbitrary payload. How could this kind of operation be done with Postman?

I'll add the official Apollo React documentation as support for what I need to do.

Any suggestion is welcome.

Thanks

Welcome :wave: @aleks78

I just did a little POC to test that in Postman. It is certainly possible to provide auth info for a GraphQL subscription request.

tldr;

Details
I created a GraphQL server instance that checks onSubscribe if the user is authenticated and returns an error. I used the graphql-ws library and used a GraphQL Yoga server. I can add authorization details to the Authorization tab, which receives the web socket request. Referred to this guide.

An older version of the GraphQL Postman client (v1) allowed you to use the same interface and send the payload by setting the request body type as GraphQL - Manage GraphQL queries using the Postman HTTP request interface | Postman Learning Center

There is, however, a newer version of the client, which is more customized to the requirements of GraphQL users. I'd suggest trying this one out - Manage GraphQL queries using the Postman HTTP request interface | Postman Learning Center. In case you find other bugs or issues with the client, the team would appreciate your feedback via an issue on this repository - GitHub - postmanlabs/postman-app-support: Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.

I'm happy to help, in case this solution doesn't work out for you! Let me know :slight_smile:

1 Like
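
The handshake discussed in this thread, as an added example (not code from the posts, from the graphql-ws library or from Postman): a server-side gate for graphql-ws protocol messages that acknowledges `connection_init` only when its payload carries a valid HS256 JWT, and refuses `subscribe` until then. The payload field `authToken`, the secret and all function names are assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed value, not from the thread
const b64url = (s) => Buffer.from(s).toString('base64url');

// Builds an HS256 JWT; used here only to construct sample input.
function signJwt(claims, secret) {
  const body = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${crypto.createHmac('sha256', secret).update(body).digest('base64url')}`;
}

// Returns the claims if signature, pinned algorithm and expiry check out, else null.
function verifyJwt(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    if (header.alg !== 'HS256') return null; // do not let the token choose the algorithm
    const expected = crypto.createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest();
    const given = Buffer.from(parts[2], 'base64url');
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    return typeof claims.exp === 'number' && claims.exp > now ? claims : null;
  } catch {
    return null;
  }
}

// Per-socket gate. Returns a message to send, an accepted subscription id,
// or a close code (4400/4401/4403/4429 as used by the graphql-ws protocol and library).
function handleMessage(conn, raw, secret = SECRET) {
  let msg;
  try { msg = JSON.parse(raw); } catch { return { close: 4400 }; }
  if (msg?.type === 'connection_init') {
    if (conn.user) return { close: 4429 }; // second init on the same socket
    const token = String(msg.payload?.authToken ?? '').replace(/^Bearer /, '');
    conn.user = verifyJwt(token, secret);
    return conn.user ? { send: { type: 'connection_ack' } } : { close: 4403 };
  }
  if (msg?.type === 'subscribe') {
    return conn.user ? { accept: msg.id } : { close: 4401 }; // not acknowledged yet
  }
  return { close: 4400 };
}
```

When testing from a client, a handshake that fails shows up as the socket closing with one of these codes rather than as a GraphQL error message.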
