Custom introspection headers for supergraph compose

[thijsdaniels]

Description

The subgraphs we're working on are protected using an API key, which they read from an X-Api-Key header. Since this header is required for introspection requests as well, we can't currently use the supergraph compose command with our setup.

It would be awesome to be able to include custom headers with this command, similar to the graph introspect --header {header} command.

Since different subgraphs might require different headers (or no headers at all if they use a local schema), I think it would be handy to define the headers in the supergraph.yaml configuration. Maybe something like this?

subgraphs:
  posts:
    routing_url: https://example.com/graphql
    schema:
      subgraph_url: https://example.com/graphql
      subgraph_headers:
        - X-Api-Key: 123abc
        # Or maybe key-value if you want to avoid messy key names.
        - key: X-Api-Key
          value: 123abc

[lrlna]

Hi @thijsdaniels! Thanks for the report. We need to think of a good way to add this to supergraph compose, but this will definitely be something we'd like to support. I am not opposed to your initial suggestion of - X-Api-Key: 123abc. That seems like it'd serve us well.

[thijsdaniels]

Hi @lrlna, that's great news! If there's anything I can do to help just give me a shout :)

[gfviegas]

Just bumped with the same issue @thijsdaniels mentioned initially: API key protected APIs. Is there any workaround until the header options is supported?

Thanks

[thijsdaniels]

@gfviegas You could download each of the subgraph's schemas using the introspect command, which does support the --header option, and then use the subgraph compose command on those downloaded schemas. I haven't tested this, but as far as I can tell it should work just fine.

[abernix]

@thijsdaniels' suggestion should indeed work (thanks for offering that up!) though I agree there's an evolution of the configuration format that could offer this as well. I'd suggest going with the rover subgraph introspect http://endpoint --header option for now though, as it'd be some time before we had this ready.

[srolel]

@thijsdaniels could you please elaborate on that solution? from what I can see in 0.3.0, rover does not have a subgraph compose command.

[MaxHill]

I also have this problem, would love to see a solution to this.

[tysoncadenhead]

It would also be helpful to be able to use headers on the root subgraphs. Something like:

subgraphs:
   posts:
       routing_url: https://example.com/graphql
       routing_headers:
          - X-Api-Key: 123456

The use-case here is that I have a Federated endpoint in front of Private API subgraphs in AWS and the way I'm accessing them is via a header specifying an api gateway id for my VPN Endpoint.

[radekmie]

We've also just stuck at this. The workaround is to manually fetch the schemas using introspect (it supports headers) and then use schema: ./file.graphql instead of subgraph_url: https://example.com/graphql. It's not ideal, though.

[noamski]

@lrlna Is there any progress with this? This would be really helpful

[dbanty]

I added a version of this over in #1574 (just for introspection, not in routing). It'll be a little bit as there's an upstream breaking change required to make it happen, but please leave comments if you think it should behave differently.

Basically, you can do this now:

subgraphs:
  people:
    routing_url: https://example.com/people
    schema:
      subgraph_url: https://example.com/people
      introspection_headers:  # Optional headers to include in introspection request
        Accept: application/json  # You can hard code values
        Authorization: ${env.PEOPLE_AUTH_TOKEN}  # Or use environment variables