Schema query permission


Is there any way to block browser access if someone knows the url to your simple API? I’m working with the permissions now, but even when they don’t have permissions… they can use the schema tab to see all of my types. I’d rather obscure that.


Hey @matart15, blocking the introspection query is currently not possible in the Graphcool Framework, but here’s a related feature request.

I encourage you to take a look at Prisma, where this has been already implemented.
You can learn more about Graphcool Framework vs. Prisma here.