Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Use case for PII or Secure fields in Content Fragment Models

Avatar

Level 1

1. At Schema Generation section: Enabling your GraphQL Endpoint of the below URL: https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/assets/admin/graphq..., there is a caution note that states:
"All the GraphQL schemas (derived from Content Fragment Models that have been Enabled) are readable through the GraphQL endpoint.
This means that you need to ensure that no sensitive data is available, as it could be leaked this way; for example, this includes information that could be present as field names in the model definition."
Can someone please elaborate on the point that how do we ensure that there is no sensitive data available in the Schema generated from the "Enabled" Content Models.
The example in the caution talks about: "this includes information that could be present as field names in the model definition." So my confusion is majorly around this example.

To state more clearly: If in a content model's definition we have a field that is a secure data or PII data, then if we do not enable that content model, I believe no GraphQL endpoint can be created, however what would be the use of having the secure field in this case?

0 Replies