Graphql Persistant Query - Failed to save Query
This issue occurs when, for instance, you are trying to create a Persistent Query using PUT without authorization token. PUT and DELETE should, for security reason, be authenticate to create, update or delete any Persistent Query into the repository.
Now, to give you more clarity on this, if you are using the Postman Collection provided by Adobe for Headless, you would notice that the PUT, DEL queries might pointing to the AEM Author environment. If you use the basic authentication such as admin/admin you are able to perform these actions and create, update or delete these queries.
If you are point the AEM publish instance, ALL incoming requests to AEM Publish are, by OOTB, are using the anonymous user, which belongs to the everyone user-group in AEM.
Now, if your use-case is to create, update and delete persistent query from your 3rd-party application (e.g.: Postman, or any others) these actions fails because the anonymous user hasn't enough ACL privileges to write directly into the AEM Publish repository.
There are several options to overcome the "issue" such as:
- elevate everyone permission allowing to rep:write
- create a new user-group, add anonymous user into the group, and granting the same ACL rep:write
- create a "technical" user, depend you are on AMS/On-Prem or Cloud, with username/password or JWT and again granting the same ACL rep:write
The screenshot below for the ACL permission
My advice, as also Adobe recommends, is to create Persistent Queries on AEM Author environment, and replicate them through Package Manager (crx/de). If you are running on AEM Cloud Service, you can use GraphiQL to directly save and replicate them to all AEM Publish instances.
Note: the GraphiQL version available for AEM AMS/On-Prem doesn't support (yet) this feature of replicating Persistent Query to all AEM Publish instances
