Dgraph Cloud now includes an API so you can programmatically launch and manage your Cloud backups.
The majority of these APIs use
https://cerebro.cloud.dgraph.io/graphql as the primary endpoint, and will require you to log in with a username and password. Please see Authentication for instructions on generating a JWT token.
Please see the following topics:
- Authentication describes how to authenticate with the Dgraph Cloud API.
- Backend lists commands related to backend.
- Backup lists commands related to backup.
- Lambda lists commands related to Lambda.
- Schema lists commands related to schema.
Understanding Headers used across the APIs
Dgraph Cloud has two layers of security: Dgraph Cloud Authentication and Dgraph Access Control Lists Authentication. The following section introduces the usage of the headers involved in the authentication process. These include the
Dgraph Cloud Authentication
X-Auth-Token headers are for Dgraph Cloud’s API key authentication (where you pass in any API key you would generate from the “API Keys” tab on the Settings page). The API key passed can be one of two kinds: Admin API key or Client API key. The tokens generated from the admin API grant access to the
/admin/slash endpoints to perform schema alterations and similar operations. The tokens generated via the Client API key provides access to the
/graphql endpoint to run GraphQL queries and mutations.
Dgraph Cloud also offers the Dgraph Cloud API, hosted at this endpoint, that helps to automate tasks such as deployment of a lambda. In order to use this API, users need to pass an
Authorization header. In order to generate this header, the user must first Authenticate and generate a token. The token is then set in
Authorization header as a Bearer token (e.g.
Authorizationheaders are relevant to all types of backends, including Free, Shared, and Dedicated Backends.
Dgraph Access Control Lists Authentication
X-Dgraph-AccessToken header is used for accessing backends using Dgraph’s Access Control Lists or the Multitenancy feature. This lets you pass in an access JWT generated via a login mutation for a Dgraph user from the access control list permissions and/or log into a specific namespace with multi-tenancy. The Login mutation relevant for ACL is documented here.
If you’re using ACLs or multitenancy, then you’ll need to set the
X-Dgraph-AccessToken with a JWT token to access your backend.
X-Dgraph-AccessTokenheader is relevant only for the Dedicated backends. Users with Free or Shared backends can ignore this header.