Moped Documentation
  • Welcome 👋
  • User Guides
    • Getting started
    • Map a project
  • Product Management
    • User communication
    • User management
    • User analytics
    • Local testing
    • Release process
    • Patch release process
    • Integrations
      • Dataset documentation
      • ArcGIS Online
      • eCapris
    • Features
  • Dev Guides
    • DB Docs & Data dictionary
    • Database backup policy
    • Moped Read Replica
    • How-to's
      • How do I start the Hasura cluster locally?
      • How do I launch the Hasura Console?
      • How do I generate an SSH key? (Mac)
      • How do I get a JWT token?
      • How to ping the GraphQL API
      • How to ping the REST API
      • How do I connect a database with Postgres GUIs?
      • How do I connect to the RDS instance?
      • How to load production data into a local instance
      • How do I update seed data?
    • Hasura
      • Hasura Roles
      • Hasura Migrations
        • Getting Started
        • Installing the Hasura CLI
        • Configuration Files
        • Hasura Migration Principles
        • The Migration file format
        • Development
        • Hasura Seed Data
        • Running the Hasura Cluster Locally (video)
        • Create a migration: Exercise 1 (video)
        • Create a migration: Exercise 2 (video)
        • Latest hasura-cluster features
    • User Management
    • Authentication
      • Authentication Architecture
      • DynamoDB & Cognito
      • Secrets Manager & Cognito
      • Hasura & Cognito
      • React & Cognito
      • Flask API & Cognito
      • Single Sign-On with CTM
    • Code organization
    • API
      • Configuration Files
      • Testing
      • User Management API
    • Maps and geospatial data
      • Access tokens and API keys
      • Map libraries
      • Map data
      • Map styles
      • Map layers and basemaps
      • React patterns
      • V1 Archive
        • Map libraries
        • Map data
        • Map custom hooks
        • Map styles
        • Map layers and basemaps
    • UI access control
    • Design system
      • Branding
      • Component styles
      • Text content
    • Activity Log
      • Architecture
      • GitHub Actions and Deployment of Updates
      • Hasura Event Logs and Truncate Cron Job
      • Authentication
  • See also
  • Get Moped support, report a bug, or request an enhancement
  • Data & Technology Services
  • Github repository
Powered by GitBook
On this page

Was this helpful?

  1. Dev Guides
  2. Activity Log

Authentication

To authenticate requests sent by Hasura Event Triggers, an API key is used that we generate. This key is available to the Moped API (Flask app) and the Hasura GraphQL Engine ECS Task Definition.

How the Moped API gets the API key

  • MOPED_API_HASURA_APIKEY is set in the environment variables of the Moped API (Flask app)

  • The Moped API /event/ route code gets the MOPED_API_HASURA_APIKEY and compares it to MOPED_API_APIKEY which is retrieved from the request header from the request sent from the Hasura Event Trigger

  • See https://github.com/cityofaustin/atd-moped/blob/main/moped-api/events/events.py#L40-L53

  • If these keys do not match, the request is rejected and a 403 response is sent

How the Moped Hasura GraphQL Engine gets the API key

  • The API key is set in the ECS Task Definition of the Moped Hasura GraphQL Engine

  • If you look at the ECS Task Definition JSON tab, you will find a secrets key with values that are injected as environment variables

  • These secrets are injected from entries in AWS Systems Manager Parameter Store

  • Hasura sends the API key in Event Trigger request headers

PreviousHasura Event Logs and Truncate Cron Job

Last updated 2 years ago

Was this helpful?