GraphQL Specification "October2021" is used. (But GraphQL only covers formulation of Documents/Queries.)
GraphQL-over-HTTP, which specifies how to submit GraphQL queries via HTTP, has not been released/finalized yet. We therefore use Version a1e6d8ca.
Only GraphQL documents conforming to the 'ExecutableDocument' of the grammar are allowed: This includes the usual 'query', 'mutation', 'subscription' and 'fragment's.
Syntax
graphQLProtection:
'$ref': <string>
allowedMethods: <string>
allowExtensions: <boolean>
disallow:
- <filters>
maxDepth: <number>
maxMutations: <number>
maxRecursion: <number>
graphQLProtection:
'$ref': <string>
allowedMethods: <string>
allowExtensions: <boolean>
disallow:
- <filters>
maxDepth: <number>
maxMutations: <number>
maxRecursion: <number>
Attributes
| Name | Required | Default | Description | Examples |
|---|---|---|---|---|
| $ref | false | - | Reference a component defined under components. | - |
| allowedMethods | false | GET, POST | Which HTTP methods to allow. Note that per the GraphQL-over-HTTP spec, you need POST for mutation or subscription queries. | - |
| allowExtensions | false | false | Whether to allow GraphQL "extensions". | true |
| maxDepth | false | 7 | How deep queries can be nested. | - |
| maxMutations | false | 5 | Limit how many mutations can be defined in a document query. | 2 |
| maxRecursion | false | 3 | How deep recursive parts of queries can be nested. | - |
Child Structure
| Element | Cardinality | Description |
|---|---|---|
| filters | 0..* |