Documentation Center

Enabling GraphQL mutations

Public Content API supports GraphQL mutations, which make it possible to create, modify and delete data in an external system. To provide additional security, some additional configuration is required in your Content Delivery environment.

About this task

Tridion Integration Framework uses this feature in its support of PCA-based Connectors, such as the Connector for Salesforce. You can also extend the Content Service to use mutations outside of Tridion Integration Framework.

When implementing Connectors that will use mutations, the following configuration changes may be necessary in your Content Delivery environment:

  • For on-premises implementations, you must enable mutations for the Content Service. (Cloud implementations typically use an environment variable. This task describes steps for an on-premises implementation only.)
  • When using OAuth for authentication (the default), any user account that needs to perform mutations needs to be associated with an Oauth role that has read/write permissions. Without these permissions, mutations will not be allowed. Tridion Docs comes preconfigured with one such role: cdusermutation (password is mentioned in the configuration file). You can configure additional Oauth users, as needed.

Procedure

  1. Do the following in your Content Delivery server environment to enable mutations in the Content Service:
    1. In the config/ subdirectory of the Content Service microservice root location, open application.properties.
    2. Add the following line to enable mutations:
      graphql.mutations.enabled=TRUE

      If you wish to disable mutations, set the value to FALSE, or simply remove the parameter.

    3. Save and close application.properties.
  2. If OAuth is enabled, also do the following so that users execute mutation calls:
    1. In the config/ subdirectory of the Discovery Service microservice root location, open cd_ambient_conf.xml.
    2. Find the Accounts section.
    3. Add an account definition with the ReadWrite parameter set to "true". The following code snippet illustrates the definition for the default user account for mutations: cdusermutation
      <Account Id="cdusermutation" Password="${cdusermutationpassword:-PASSWORD}">
         <Metadata>
            <Param Name="FirstName" Value="CD"/>
            <Param Name="LastName" Value="UserMutation"/>
            <Param Name="Role" Value="cd"/>
            <Param Name="ReadWrite" Value="true"/> <!-- Defined that mutations are allowed -->
            <Param Name="AllowedCookieForwarding" Value="true"/>
         </Metadata>
      </Account>

      where PASSWORD is the password found in the file.

    4. Save and close cd_ambient_conf.xml.
  3. Start or restart the Content Service.