Hello,
I like to use dgraph at work, and now I have some security issues, please support
How to set the login password, we need to deploy a production environment, so we need a strong password
How to create a read-only account. As you can see, any user can enter query and mute and modify the schema. I need to restrict ordinary users to only query
In addition, is the acl only available in the enterprise version?
yes, ACL is an enterprise feature. Either you will have to use Dgraph Cloud or get an Enterprise Support contract.
ok thanks.How about my question one.Can the open source version change the default login password
Options for the community version:
You can use TLS Configuration - Deploy - With TLS only those clients with the cert will be able to access.
You can also set a token
--security string Security options
token=; If set, all Admin requests to Dgraph will need to have this token.
The token can be passed as follows: for HTTP requests, in the X-Dgraph-AuthToken header.
For Grpc, in auth-token key in the context.
With this all clients have to pass that token(custom token, AKA Poor Man’s ACL)
You are trying to execute a GraphQL mutation in Ratel. Ratel does not support GraphQL. Hence the error. You should the Admin run query/mutation it via cURL or a GraphQL client.
Never expose your database in public. Always create an API and put it behind a firewall. Your back-end should be the one that controls the DB access.
No, ACL is EE.
If you are confused by the Login part in Ratel. Don’t worry, you don’t need to log in to the community version.
Thanks, I have successfully configured tls. Later, if I need to strengthen authority control, I will consider purchasing the enterprise version