[Question] - Ability for GatsbyJS to send Auth headers to WordPress GraphQL endpoint?

[rforster-dev]

We have a scenario where our WordPress website is hosted in Azure as an App Service, and the business requires it to be locked down using the built in Authentication approach. This will mean users can only view the website with their AD credentials.

Once they log in with their AD details, they can view the website.

This causes issues for our pipeline which is hosted in Azure DevOps where in the build task it will query /graphql endpoint specified, but it won't reach it as it gets a 401 Unauthorised access.

Is there a way either in gatsbyjs, or pipeline to pass authorisation headers perhaps - unless there is a better way of doing this?

Thanks!

[rforster-dev]

I have half got around this - by adding a authorization.json file to the root and specifying that /graphql is allowed, but everything else needs to be redirected to Auth - if anyone is having the same issue as me!

I do think it would be beneficial to be able to set Auth headers though to WP, or through an Auth route.

Edit: Also, you'll need to allow access to wp-content/uploads/ folder if you are sourcing images from WP.