Enabling GraphQL mutations
Public Content API supports GraphQL mutations, which make it possible to create, modify and delete data in an external system. To provide additional security, some additional configuration is required in your Content Delivery environment.
About this task
Tridion Integration Framework uses this feature in its support of PCA-based Connectors, such as the Connector for Salesforce. You can also extend the Content Service to use mutations outside of Tridion Integration Framework.
When implementing Connectors that will use mutations, the following configuration changes may be necessary in your Content Delivery environment:
- For on-premises implementations, you must enable mutations for the Content Service. (Cloud implementations typically use an environment variable. This task describes steps for an on-premises implementation only.)
- When using OAuth for authentication (the default), any user account that needs to perform mutations needs to be associated with an Oauth role that has read/write permissions. Without these permissions, mutations will not be allowed. Tridion Sites comes preconfigured with one such role:
cdusermutation(password is mentioned in the configuration file). You can configure additional Oauth users, as needed.
Procedure
- If you have an on-premises implementation, do the following to enable mutations in the Content Service:
- If OAuth is enabled, do the following so that users execute mutation calls:
- Start or restart the Content Service.