Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

wknd tutorial has graphql pre-configured, but its giving forbidden

Avatar

Level 9

according to this tutorial, installing the latest wknd site from git, should give you a configured graphql endpoint ready to go.

 

Below we can see that the endpoint is configured, and the vanity url is http://localhost:4502/content/graphql/global/endpoint

 

TB3dock_0-1616622197744.png

 

The tutorial seems to be saying the correct URL to use is http://localhost:4502/content/graphql/global/endpoint.json

 

When I send a simple graphql request to this URL, I get this response:

 

{
"servlet":"org.apache.felix.http.base.internal.dispatch.DispatcherServlet-313d2b89",
"message":"Forbidden",
"url":"/content/graphql/global/endpoint.json",
"status":"403"
}

 

 

Any ideas?  Is it requiring some sort of authentication? If so, how do I disable it (i.e. make it public)

 

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

The GraphQL endpoint is restricted in author. But, it can be accessed without authentication from publish.

Please create following in author and publish. 

  • Content Fragments
  • GraphQL endpoint
  • Persisted Queries

You should now be able to access the public content via Persisted queries without authentication 


Aanchal Sikka

View solution in original post

3 Replies

Avatar

Level 9

did you check CORS enablement from OSGI mentioned at bottom of this page https://experienceleague.adobe.com/docs/experience-manager-learn/getting-started-with-aem-headless/g...

 

also, look at logs, you may get some clue there as well!!

 

because for me it works perfectly fine.

Avatar

Level 9

Thanks for the reply. The tutorial you refer to has the client application do some sort of authentication, and has the admin username and password in the config:

REACT_APP_HOST_URI=http://localhost:4502

REACT_APP_GRAPHQL_ENDPOINT=/content/graphql/global/endpoint.json

# Use Authorization when connecting to an AEM Author environment

REACT_APP_AUTHORIZATION=admin:admin

 

The crux is I want this to be public, and not require authentication (especially with user/pass) , but cant find out how to do this

Avatar

Correct answer by
Community Advisor

The GraphQL endpoint is restricted in author. But, it can be accessed without authentication from publish.

Please create following in author and publish. 

  • Content Fragments
  • GraphQL endpoint
  • Persisted Queries

You should now be able to access the public content via Persisted queries without authentication 


Aanchal Sikka