Enable GraphQL Playground and introspection on Plugin API and other services

Open yuval-hazaz opened this issue 1 year ago • 1 comments

Feature description

Currently, our services do not enable the GraphQL playground and introspection on the different services. It is a common security best practice to disable the playground and introspection features on an API, but since our API is public and its code is open-source - we do not actually reveal anything new by enabling introspection and the playground.

See this for more opinions about this dilemma: https://www.apollographql.com/blog/why-you-should-disable-graphql-introspection-in-production

We can also consider enabling just the introspection and using tools like this for the playground: https://studio.apollographql.com/sandbox/explorer

If, for any reason, we prefer not to enable the introspection on prod, we can consider doing it on staging or sandbox.

Use case

While working on clients for the API, it is very helpful to be able to build and test queries on the playground.

Are you willing to submit PR?

No response

yuval-hazaz avatar Feb 06 '24 18:02 yuval-hazaz

Let's enable it on all services on Sandbox and Staging only (and keep production introspection off on all services).

mulygottlieb avatar May 07 '24 10:05 mulygottlieb
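The decision reached in this thread (on for Sandbox and Staging, off for production) can be expressed as a fail-closed policy plus an audit over deployed settings. This is an added example, not Amplication code or part of either comment; the environment names, the `exposureFor` and `auditDeployments` helpers, and the sample inventory are assumptions.

```javascript
// Added example, not Amplication code. Environment names and sample data are assumptions.
// Policy from the thread: on for sandbox and staging, off for production.
const EXPOSURE_POLICY = Object.freeze({
  sandbox: { introspection: true, playground: true },
  staging: { introspection: true, playground: true },
  production: { introspection: false, playground: false },
});

// Fail closed: a missing, misspelled or unexpected name gets the production
// policy. hasOwnProperty keeps inherited keys such as "constructor" from matching.
function normalizeEnv(name) {
  const key = String(name ?? "").trim().toLowerCase();
  return Object.prototype.hasOwnProperty.call(EXPOSURE_POLICY, key) ? key : "production";
}

// Flags to hand to the GraphQL server's introspection/playground options.
function exposureFor(envName) {
  return { ...EXPOSURE_POLICY[normalizeEnv(envName)] };
}

// Compare what each deployment actually has with what the policy expects.
// "exposure" = enabled where it must be off; "drift" = off where it should be on.
function auditDeployments(deployments) {
  const findings = [];
  for (const d of deployments) {
    const expected = exposureFor(d.environment);
    for (const feature of Object.keys(expected)) {
      const actual = d[feature] === true;
      if (actual !== expected[feature]) {
        findings.push({
          service: d.service,
          environment: d.environment,
          feature,
          kind: actual ? "exposure" : "drift",
        });
      }
    }
  }
  return findings;
}

// Constructed sample inventory (service names other than plugin-api are hypothetical).
const SAMPLE_DEPLOYMENTS = [
  { service: "plugin-api", environment: "staging", introspection: true, playground: true },
  { service: "plugin-api", environment: "production", introspection: true, playground: false },
  { service: "example-service", environment: "sandbox", introspection: false, playground: true },
  { service: "example-service", environment: "prod", introspection: true, playground: true },
];

console.log(auditDeployments(SAMPLE_DEPLOYMENTS));
```

Because an unrecognized name such as `prod` resolves to the production policy, a typo in the environment variable turns introspection off rather than on.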