GraphQL Endpoint /graphql#
EOL
The version 1.1 /graphql endpoint has reached end of life.
ESS provides a GraphQL endpoint to query a Pod’s access control information. Specifically, you can use the endpoint for the following queries:
For a Pod, find all its owner Agents.
For a Pod, find all its resources.
For a Pod, find all Agents that have access to any of its resource.
For a Pod, find all Agents that have access to a specific resource.
For a Pod, find all resources to which a specific Agent has access.
For more information on GraphQL, see https://graphql.org/learn/.
GraphQL Endpoint#
ESS uses the following as the default GraphQL endpoint:
https://access.<DOMAIN>/graphql
If your ESS deployment configuration uses a different endpoint, see Discovery.
Available Queries for a Pod#
Query: Find All Owners of a Pod#
The following query finds all Owner agents for a Pod:
{
pod(iri: <IRI> ) {
owners
}
}
The query returns the results under the root field named data:
{
"data": {
"pod": {
"owners": [
"<Owner1 WebID>",
"<Owner2 WebID>",
...
]
}
}
}
Payload Field |
Description |
|---|---|
owners |
List of the Pod owners. |
Query: Find All Resources in a Pod#
The following query finds all resources in a Pod:
{
pod(iri: <IRI> ) {
resources
}
}
The query returns the results under the root field named data:
{
"data": {
"pod": {
"resources": [
"<Resource1 IRI>",
"<Resource2 IRI>",
...
]
}
}
}
Payload Field |
Description |
|---|---|
resources |
List of all resources in the Pod. |
Query: Find All Agents with Access to Any Resource in a Pod#
The following query finds all agents that have access to any resource in a Pod:
{
pod(iri: <IRI> ) {
agentsWithAccess
}
}
The query returns the results under the root field named data:
{
"data": {
"pod": {
"agentsWithAccess": [
"<Agent1 WebID>",
"<Agent2 WebID>",
...
]
}
}
}
Payload Field |
Description |
|---|---|
agentsWithAccess |
List of agents with access to any of the Pod’s resources. |
Query: Find All Agents with Access to a Specific Resource in a Pod#
The following query finds all Agents that have access to a specific
resource in a Pod. Specify the resource as a parameter (resource:
<IRI>) to accessToResource:
{
pod(iri: <IRI> ) {
accessToResource(resource: <IRI>) {
agent
allow
deny
resource
}
}
}
The query returns the results under the root field named data:
{
"data": {
"pod": {
"accessToResource": [
{
"agent": <Agent1 WebID>,
"allow": [
<AccessMode1>,
<AccessMode2>,
...
],
"deny": [
<AccessMode1>,
<AccessMode2>,
...
],
"resource": <IRI>
},
{
"agent": <Agent2 WebID>,
"allow": [
<AccessMode1>,
<AccessMode2>,
...
],
"deny": [
<AccessMode1>,
<AccessMode2>,
...
],
"resource": <IRI>
},
...
]
}
}
}
Payload Field |
Description |
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
accessToResource |
List of agents and their access to the specified resource in the Pod.
|
Query: Find All Resources in a Pod for which an Agent has Access#
The following query finds all of a specific Agent’s access to the
resources in a Pod. Specify the agent as a parameter (agent:
<WebID>) to accessByAgent:
pod(iri: <IRI> ) {
accessByAgent(agent: <WebID>) {
agent
allow
deny
resource
}
}
The query returns the results under the root field named data:
{
"data": {
"pod": {
"accessByAgent": [
{
"agent": <Agent WebID>,
"allow": [ <AccessMode1>, <AccessMode2>, ... ],
"deny": [ <AccessMode1>, <AccessMode2>, ... ],
"resource": <Resource1 IRI>
},
{
"agent": <Agent WebID>,
"allow": [ <AccessMode1>, <AccessMode2>, ... ],
"deny": [ <AccessMode1>, <AccessMode2>, ... ],
"resource": <Resource2 IRI>
},
...
]
}
}
}
Payload Field |
Description |
||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
accessByAgent |
List of the resources and the corresponding access for the specified agent.
|
Available Schemas#
You can retrieve the GraphQL schema information at the following location:
https://access.<DOMAIN>/graphql/schema.graphql
If your ESS deployment configuration uses a different endpoint, see Discovery.