Restrict REST or GraphQL API to certain domains #4354

dominikfoeger · 2021-10-01T07:30:01Z

dominikfoeger
Oct 1, 2021

Hi there,

did anyone manage to restrict the REST or GraphQL endpoints to certain domains? I want my decoupled frontend to be able to access it, but no one else.

I tried using the Laravel CORS config (Fruitcake middleware) but I'm still able to query all entries (inclunding unpublished entries) via local postman. Maybe I'm misunderstanding CORS or I need to write a custom middleware…

Thanks

Answered by edalzell

Oct 1, 2021

ya middleware is the answer here, if you don't want to PR into core.

View full answer

edalzell · 2021-10-01T17:06:07Z

edalzell
Oct 1, 2021
Maintainer

ya middleware is the answer here, if you don't want to PR into core.

1 reply

dominikfoeger Oct 2, 2021
Author

Thanks, Erin!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Restrict REST or GraphQL API to certain domains #4354

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Restrict REST or GraphQL API to certain domains #4354

dominikfoeger Oct 1, 2021

Replies: 1 comment · 1 reply

edalzell Oct 1, 2021 Maintainer

dominikfoeger Oct 2, 2021 Author

dominikfoeger
Oct 1, 2021

Replies: 1 comment 1 reply

edalzell
Oct 1, 2021
Maintainer

dominikfoeger Oct 2, 2021
Author