Does Dgraph in some way offer protection against replay attacks? Is this a valid question to ask?
Do you mean the cloud? I never heard this feature in Dgraph Cloud.
In general, you should build your own strategy to protect your Server/Services and applications. In the case of Replay Attacks, a simple timestamp and rejection for a second attempt should be fine. and in addition you can add OTP request on every new attempt. There are several ways. But a timestamp strategy might work pretty well for this case.
Cheers.
Yeah I meant dgraph cloud. The graphql endpoints.
@MichelDiz could you respond to me? I would like to know how I could deal with replay attacks in dgraph cloud.
I did, in short is “no” as far as I know, the long I have wrote above. This type of attack is unique to your application. We have no management over it.
Cheers.
you may need crsf token
.
you can setup a protect server to do security-check and then proxy the request to dgraph server or reject it.