Since 2.1.0

Connectors TLS Configuration

Secure Connector communications with TLS encryption and authentication

Connectors support the router's TLS features to authenticate and encrypt communications.

You can configure TLS for all Connectors or a specific Connector source.

To configure all Connectors, set TLS configurations on tls.connector.all.
To configure a specific Connector source, set TLS configurations on tls.connector.sources.X where X is your subgraph_name.source_name.
If you configure both, specific Connector source configurations override configurations set on tls.connector.all.

Example TLS configuration

The example configuration below sets certificate authorities and client authentication for all Connectors and overrides the configuration for the v1 source on the example subgraph.

YAML

router.yaml

tls:
  connector:
    # Set TLS configurations for all Connectors
    all:
      certificate_authorities: ${file./path/to/ca.crt}
      client_authentication:
        certificate_chain: ${file./path/to/certificate_chain.pem}
        key: ${file./path/to/key.pem}
    # Override global setting for specific sources
    sources:
      subgraph1.endpoint1:
        certificate_authorities: ${file./path/to/specific_ca.crt}
        client_authentication:
          certificate_chain: ${file./path/to/specific_certificate_chain.pem}
          key: ${file./path/to/specifc_key.pem}

Subgraph Reference

Development and Tooling

From Federation 1 to 2

Server-Driven UI

Publishing

Contracts

SAML

OIDC

Authentication

Router Telemetry

Log Exporters

Metrics Exporters

Trace Exporters

Instrumentation

Subgraph Observability

Client Observability

OpenTelemetry

GraphQL Subscriptions

Coprocessors

Rhai Scripts

Custom Builds

Dedicated

AWS Lattice

Connectors TLS Configuration

Example TLS configuration