some changes to getting started

rsill-neo4j · rsill-neo4j · commit a4cc09462612 · 2025-06-18T16:29:54.000+02:00
diff --git a/modules/ROOT/pages/getting-started/api-creation.adoc b/modules/ROOT/pages/getting-started/api-creation.adoc
@@ -0,0 +1,161 @@
+= Creating a GraphQL API
+
+
+== Before you start
+
+Make sure that you have:
+
+* The ID, username and password for the AuraDB.
+* Your type definitions.
+* If you intend to use JWKS for authentication, the URL from your identity provider that will be used to verify JWKS tokens.
+
+If you intend to use the Aura CLI, follow the guidance provided in xref:aura-graphql/aura-cli-configuration.adoc[] before proceeding.
+
+
+== Console
+
+. In the Aura Console, select **Data APIs** from the left side navigation.
+. Use **Create API** and fill in the details in the **Create GraphQL Data API** dialog.
++
+image::aura-graphql/create/details.png[]
++
+[CAUTION]
+====
+If you set **Enable introspection** and **Enable field suggestions** for production systems the information they provide can be used by malicious actors to reverse-engineer your GraphQL schema and execute arbitrary operations.
+
+**Enable introspection** allows you to query the schema and discover the available queries, mutations, subscriptions, types and fields in the GraphQL API.
+
+**Enable field suggestions** provides suggestions that hint towards GraphQL typos.
+Even with just field suggestions enabled, it is possible for a malicious actor to discover your entire schema.
+====
++
+. Type definitions
++
+This is where you describe the graph database in the AuraDB that the GraphQL API will be used with.
+The type definitions are the same as those used with Neo4j GraphQL Library with the exception that custom resolvers cannot be used.
++
+If you already have data in the AuraDB, a quick way to obtain type definitions is to use the https://graphql-toolbox.neo4j.io[Neo4j GraphQL Toolbox]. This facility has the ability to connect to an AuraDB, automatically create type definitions and allow GraphQL operations.
++
+Alternatively you can write your own type definitions from first principles by following the guidance provided in xref:index.adoc[Neo4j GraphQL Library] documentation.
++
+If you are using GraphQL Federation then make sure to select **Enable GraphQL subgraph**.
++
+image::aura-graphql/create/type-definitions.png[]
++
+. Cross-Origin Resource Sharing (CORS) policy
++
+If a browser based application will be using this GraphQL API, add an entry in your Cross-Origin Resource Sharing (CORS) policy.
+CORS is a browser-based security mechanism that prevents web pages from accessing resources from a server with a different origin.
+Allow the URL that serves the browser application by adding it to the CORS policy.
+This includes development environments such as node.js, which serves content on your localhost or similar.
+This also holds for using web-based tooling for GraphQL APIs such as https://studio.apollographql.com/[Apollo Studio].
++
+This is not needed if a non-browser-based application is using the GraphQL API as CORS does not apply to those.
+For example, if you are trying out GraphQL operations using cURL.
++
+[NOTE]
+====
+The URL entered in the CORS policy must be an exact match.
+For example, http://localhost is not the same as http://localhost:3000/.
+Wildcards are not supported.
+====
++
+To add a CORS policy entry, enter the exact URL, including HTTP/S and any port number, in the **Origin box**.
+If you need multiple entries, select **Add allowed origin**.
++
+image::aura-graphql/create/cors-policy.png[]
++
+. Authentication providers
++
+All requests to the GraphQL API are authenticated and there are two options for the type of authentication: API key or JSON Web Key Set (JWKS).
+It is possible to use these in combination and have multiples of each.
++
+After choosing the authentication provider from the dropdown list, enter a friendly name.
+This is all that is needed when using API key.
+The API key will be shown after the GraphQL API key has been created.
+If you are using JWKS, provide a friendly name and the URL from your identity provider that is used to verify JWKS tokens.
++
+Add more more providers via **Add authentication provider**.
++
+An authentication provider can be removed by selecting the trash icon.
++
+image::aura-graphql/create/auth-providers.png[]
++
+[CAUTION]
+====
+It is not recommended to use API keys with user-facing applications that are using the GraphQL API.
+This is due to the risk of the API key being visible to malicious users and very little control over GraphQL operations.
+A 3rd party identity provider with JWKS provides better security and allows for granular security rules, based on information within the JWKS token, to be defined within the type definitions to control GraphQL operations.
+====
++
+. Sizing
++
+Sizing a GraphQL API is based on the size and complexity of the type definitions and the workload that is serviced.
+Larger sizes have a higher hourly cost.
+If the cost is not displayed, refer to the agreement you have with Neo4j.
++
+image::aura-graphql/create/sizing.png[]
++
+. Creation
++
+At this point the configuration is complete for the GraphQL API.
+Select **Create** to proceed and create the GraphQL API.
+Alternatively, **Cancel** the process at top right of the page.
++
+. API key
++
+If you chose to use an API key with the GraphQL API it is now displayed.
+Store this information securely as it cannot be retrieved again.
+Select **I understand** and then **Close** once you have done this.
++
+image::aura-graphql/create/save-api-key.png[]
++
+. The GraphQL API will now be provisioned.
+You can see the status via **Data APIs** from the left side navigation.
+When the status changes to "Ready", the API is ready to use.
+If it has a status of 'Error', use the three dots icon and **Edit** from the menu to change the configuration.
+
+
+== Aura CLI
+
+Like the Console, the Aura CLI can also be used to create a GraphQL API.
+There is a difference: on creation, only an API Key authentication provider is created.
+The authentication providers can be modified using subsequent CLI commands.
+
+To create a GraphQL API with the Aura CLI, proceed as follows.
+
+. Find the AuraDB instance ID
++
+From the table, locate the ID of the Aura instance that the GraphQL API will be used with.
++
+[source, bash, indent=0]
+----
+aura-cli instance list
+----
++
+. Save type definitions
++
+To avoid having to encode type definitions into base64 format to use directly with the Aura CLI, save them in a file.
++
+. Create
++
+Provision the GraphQL API, replacing the values in UPPERCASE with your own:
++
+[source, bash, indent=0]
+----
+aura-cli data-api graphql create --name YOUR_FRIENDLY_NAME --instance-id YOUR_AURA_INSTANCE_ID --instance-username YOUR_AURA_INSTANCE_USER --instance-password YOUR_AURA_INSTANCE_PASSWORD --type-definitions-file FULL_PATH_TO_YOUR_TYPE_DEFS
+----
++
+The response shows information about the new GraphQL API.
+Make sure you note the API Key and ID.
++
+. Check progress
++
+To see if the GraphQL API is ready to use, run the following command:
++
+[source, bash, indent=0]
+----
+aura-cli data-api graphql get YOUR_GRAPHQL_API_ID --instance-id YOUR_AURA_INSTANCE_ID
+----
+
+If the status is "Ready", the API is ready to use.
diff --git a/modules/ROOT/pages/getting-started/index.adoc b/modules/ROOT/pages/getting-started/index.adoc
@@ -12,9 +12,10 @@ This tutorial shows you how to:
 - Start an instance of the library to generate a GraphQL schema.
 - Run an instance of a server to execute queries and mutations against your schema.
 
-The tutorial assumes familiarity with command line and JavaScript, and also that you have a recent version of Node.js installed. 
+The tutorial assumes familiarity with the command line and JavaScript, and also that you have a recent version of Node.js installed. 
 The examples use the default `npm` package manager, but you can use another one of choice.
 
+
 == Create a new project
 
 . Create a new directory and `cd` into it:
@@ -39,33 +40,36 @@ npm init es6 --yes
 touch index.js
 ----
 
+
 == Install dependencies
 
-. Install the Neo4j GraphQL Library and its dependencies:
-+
-.. `@neo4j/graphql`: the official Neo4j GraphQL Library package.
-It takes your GraphQL type definitions and generates a schema backed by a Neo4j database.
-.. `graphql`: the package used to generate a schema and execute queries and mutations.
-.. `neo4j-driver`: the official Neo4j Driver package for JavaScript, of which an instance must be passed into the Neo4j GraphQL Library.
+Install the Neo4j GraphQL Library and its dependencies with:
 
-. Install a GraphQL server package to host your schema and allow the execution of queries and mutations against it.
-.. The https://www.apollographql.com/docs/apollo-server/[`@apollo/server`] is the default package for Apollo Server:
-+
 [source, bash, indent=0]
 ----
 npm install @neo4j/graphql graphql neo4j-driver @apollo/server
 ----
 
-. Set up a https://neo4j.com[Neo4j database].
+- `@neo4j/graphql` is the official Neo4j GraphQL Library package.
+It takes your GraphQL type definitions and generates a schema backed by a Neo4j database.
+- `graphql` is the package used to generate a schema and execute queries and mutations.
+- `neo4j-driver` is the official Neo4j Driver package for JavaScript, of which an instance must be passed into the Neo4j GraphQL Library.
+
+Install a GraphQL server package to host your schema and allow the execution of queries and mutations against it.
+The https://www.apollographql.com/docs/apollo-server/[`@apollo/server`] is the default package for Apollo Server.
+
+Set up a https://neo4j.com[Neo4j database].
 Make sure it fulfills the xref::index.adoc#_requirements[requirements], including the necessary plugins.
+Populate the database, for example with the Northwind dataset, available link::https://neo4j.com/docs/getting-started/appendix/example-data/[here].
+
 
 == Set GraphQL type definitions
 
-The Neo4j GraphQL Library is primarily driven by type definitions which map to the nodes and relationships in your Neo4j database. 
+The Neo4j GraphQL Library is driven by type definitions which map to the nodes and relationships in your Neo4j database. 
 To get started, use a simple example with two node types, one with label "Actor" and the other "Movie":
 
-. Open the previously created `index.js` in your editor of choice and write your type definitions. 
-Add all of the necessary package imports:
+. Open the file `index.js` from xref:#_create_a_new_project[] in your editor and write your type definitions. 
+Add all the necessary package imports:
 +
 [source, javascript, indent=0]
 ----
@@ -75,27 +79,29 @@ import { Neo4jGraphQL } from "@neo4j/graphql";
 import neo4j from "neo4j-driver";
 
 const typeDefs = `#graphql
-    type Movie @node {
-        title: String
-        actors: [Actor!]! @relationship(type: "ACTED_IN", direction: IN)
+    type Product @node {
+        productName: String
+        category: [Category!]! @relationship(type: "PART_OF", direction: OUT)
     }
 
-    type Actor @node {
-        name: String
-        movies: [Movie!]! @relationship(type: "ACTED_IN", direction: OUT)
+    type Category @node {
+        categoryName: String
+        products: [Product!]! @relationship(type: "PART_OF", direction: IN)
     }
 `;
 ----
 +
-Note that these type definitions only *define* the node labels "Actor" and "Movie", and a relationship "ACTED_IN" between the two. 
+Note that these type definitions only define the node labels "Product" and "Category", and a relationship "PART_OF" between the two. 
 When the schema is generated, you can then execute queries for `actors` and `movies` to read data from the database.
 
-. Alternatively, you can also automatically generate type definitions from an existing database by xref::introspector.adoc[introspecting the schema].
+. Alternatively, you automatically generate type definitions from an existing database by xref::introspector.adoc[introspecting the schema].
+
 
 == Create an instance of `Neo4jGraphQL`
 
 To create an instance of the Neo4j GraphQL Library, you need a Neo4j driver to connect to your database.
 
+
 === Using AuraDB
 
 . For an AuraDB database, https://neo4j.com/cloud/platform/aura-graph-database/?ref=docs-graphql[create an instance].
@@ -104,6 +110,7 @@ To create an instance of the Neo4j GraphQL Library, you need a Neo4j driver to c
 +
 image::neo4j-aura-dashboard.png[width=500]
 
+
 === Using a Neo4j database
 
 For a database located at the default "neo4j://localhost:7687" (see more about https://neo4j.com/docs/operations-manual/current/configuration/ports[port configuration]), with the username "username" and the password "password", add the following to the bottom of your `index.js` file:
@@ -118,6 +125,7 @@ const driver = neo4j.driver(
 const neoSchema = new Neo4jGraphQL({ typeDefs, driver });
 ----
 
+
 == Create an instance of `ApolloServer`
 
 To create an Apollo Server instance using the generated schema, in which you can execute queries against it, add the following to the bottom of `index.js`:
@@ -135,8 +143,8 @@ const { url } = await startStandaloneServer(server, {
 console.log(`🚀 Server ready at ${url}`);
 ----
 
-== Start the server
 
+== Start the server
 
 Make sure that your `index.js` file looks like this:
 
@@ -285,6 +293,7 @@ Since you only created one "Movie" node and one "Actor", the Response panel show
 }
 ----
 
+
 == Conclusion
 
 This concludes the tutorial.
diff --git a/modules/ROOT/pages/index.adoc b/modules/ROOT/pages/index.adoc
@@ -8,20 +8,20 @@ The Neo4j GraphQL Library is a highly flexible, low-code, open source JavaScript
 With Neo4j as the graph database, the GraphQL Library makes it simple for applications to have data treated as a graph natively from the frontend all the way to storage.
 This avoids duplicate schema work and ensures flawless integration between frontend and backend developers.
 
+// Modify links below
+
 If you are new to Neo4j and GraphQL take a look at xref:getting-started/index.adoc[Creating a new project] and xref:getting-started/toolbox.adoc[Neo4j GraphQL Toolbox] to learn the fundamentals of the Neo4j GraphQL Library and how to create GraphQL APIs backed by a Neo4j graph database.
 
-[NOTE]
-====
-The GRANDstack starter app has been deprecated. 
-For more information, read the section on xref::deprecations.adoc[Deprecations].
-====
 
 == How it works
 
 The Neo4j GraphQL Library requires a set of type definitions that describes the shape of your graph data.
 It can generate an entire executable schema with all of the additional types needed to execute queries and mutations to interact with your Neo4j database.
 
-For every query and mutation that is executed against this generated schema, the Neo4j GraphQL Library generates a single Cypher query which is executed against the database. This eliminates the https://www.google.com/search?q=graphql+n%2B1[N+1 Problem], which can make GraphQL implementations slow and inefficient.
+For every query and mutation that is executed against this generated schema, the Neo4j GraphQL Library generates a single Cypher query which is executed against the database.
+This eliminates the https://www.google.com/search?q=graphql+n%2B1[N+1 Problem], which can make GraphQL implementations slow and inefficient.
+
+The Neo4j GraphQL Library features:
 
 - Automatic generation of xref::queries-aggregations/queries.adoc[Queries] and xref::mutations/index.adoc[Mutations] for CRUD interactions.
 - xref::/types/index.adoc[Types], including temporal and spatial.
@@ -36,19 +36,23 @@ For every query and mutation that is executed against this generated schema, the
 
 == Interaction
 
+// Modify link below and add info about aura graphql
+
 In the xref::getting-started/index.adoc[Getting Started] guide, Apollo Server is used to host the GraphQL schema, so you can interact directly with your API with no frontend.
 In case you prefer to use frontend frameworks, these are some clients that interact with GraphQL APIs:
 
 - https://reactjs.org/[React] - support through https://www.apollographql.com/docs/react/[Apollo Client]
 - https://vuejs.org/[Vue.js] - support through https://apollo.vuejs.org/[Vue Apollo]
 - https://angularjs.org/[AngularJS] - support through https://apollo-angular.com/docs/[Apollo Angular].
 
+
 == Deployment
 
 There are a variety of methods for deploying GraphQL APIs.
 In the xref::getting-started/index.adoc[Getting Started] guide, Apollo Server is being used for demonstration.
 You can check their own documentation about https://www.apollographql.com/docs/apollo-server/deployment[Deployment] for more details.
 
+
 == Versioning
 
 The Neo4j GraphQL Library uses https://semver.org/[Semantic Versioning]. 
@@ -66,17 +70,20 @@ Additionally, prerelease version numbers may have additional suffixes, for examp
 
 `NUMBER` in the suffix is simply an incrementing release number in each phase.
 
+
 == Requirements
 
 . https://neo4j.com/deployment-center/#gdb-selfmanaged[Neo4j Database] or https://neo4j.com/product/auradb/[Neo4j AuraDB] version 5.x with APOC core plugin. Note that with version 5.15 or higher you are using using the xref:/directives/indexes-and-constraints.adoc#_vector_index_search[`@vector` directive].
 . https://nodejs.org/en/[Node.js] 20+.
 
+
 == Resources
 
 . https://github.com/neo4j/graphql[GitHub]
 . https://github.com/neo4j/graphql/issues[Issue Tracker]
 . https://www.npmjs.com/package/@neo4j/graphql[npm package]
 
+
 == License
 
 ifndef::backend-pdf[]
