Disable graphql introspection

Andressa_Miritz_da_C · April 28, 2025, 7:53pm

Hey folks, our security team pointed as a possible security risk graphql introspection on production stores, is there a configuration available for us to handle it?

Kevin_Sieger · April 30, 2025, 5:20pm

Not a security risk - Shopifys APIs are publicly documented either way.

Kevin

Topic		Replies	Views
Shopify GraphQL metadata is huge GraphQL Admin API Troubleshooting rest-migration	4	113	October 24, 2024
REST and GraphQL APIs permission discontinuity GraphQL Admin API Troubleshooting rest-migration	3	99	February 26, 2025
Is it possible to change which API is queried by the GraphiQL instance provided by the CLI? GraphQL Admin API Troubleshooting general-gql-troubles	3	29	October 29, 2024
Welcome to the New GraphQL Product APIs board! New GraphQL Product APIs new-gql-apis	1	519	October 22, 2024
Calling admin API needs to enable the storefront API permission GraphQL Admin API Troubleshooting general-gql-troubles	2	61	November 26, 2024

Disable graphql introspection

Related topics