Create GraphQL or Subgraph credential
How to setup a pull-based SubGraph or GraphQL-sourced credential
Introductions
GraphQL-sourced credential, including Subgraph credential, is a way for Galxe to pull data from your GraphQL endpoint (or any endpoint that you are legally allowed to use). When a user tries to verify himself on Galxe, Galxe will construct a GraphQL Query, where the address of the user will be passed in as the argument, and send it to the specified endpoint. After response is received, it will be passed to the Javascript expression, where it will return 0(false)/1(true) to indicate whether the wallet address is eligible.
The workflow is
GraphQL Endpoint (HTTPs):
Please note that for custom ports, we only support 80, 443, and 8000.
It’s the HTTPs endpoint where Subgraph queries go to, see the example below.
For security reasons, you must add https://dashboard.galxe.com to the API server’s Access-Control-Allow-Origin
header to avoid CORS issues. Please note that you will also need to set the access-control-allow-methods
, as if we are sending a preflight request. We will perform a CORS check during the creation process, and if it’s not included, the creation will fail.
Please note that when we check the endpoint, we always send a preflight request, ignoring the so-called simple_requests convention, for security reasons. You might see that your configuration works ok when clicking test button in our app, but later failed to save. We always encourage you to use the following cURL command to check if the endpoint is compliant.
To check if it is compliant, you can use cURL:
And we require that requests must be responded to within 5 seconds; otherwise, we will cancel the request.
Please note that for addresses encoded with case-insensitive schema, like EVM and aptos addresses that are 0x-prefixed hex string, addresses will be lowercased before sending to the endpoint.
NOTE: If you saw a error when testing the API during creating a credential, check if the endpoint is a valid GraphQL API endpoint. Common misconfigurations include
- incorrectly used a GraphQL playground url, that usually ends with
/graph
, - incorrectly used a URL to the subgraph explorer page, like
https://thegraph.com/explorer/***
. Usually, the correct endpoint from subgraph is like thishttps://api.thegraph.com/subgraphs/***
Query:
The GraphQL query, that it must take a single wallet address as input. For more detials, please refer to Querying The Graph. In dashboard, once you finish your query, fill in a test address and click ‘Run’ button to check if the query’s response is expected.
Expression:
Expression is used to evaluate against the reponse to check if the address is eligible for the credential. It is a JavaScript (ES6) function of type signature: (object) => int
. The function should return either number 1 or 0, representing if the address is eligible for this subgraph credential. Do not return true
or false
, neither string-typed "0"
or "1"
. Behind the scenes, first, we send the query with the user’s address to the GraphQL endpoint, and then we will apply the function against the data
field of the GraphQL HTTP response. If the returned value is 1, then user can own this credential, otherwise not. The function must be anonymous, which means that the first line of the expression should be like function(data) {}
, instead of let expression = (data) => {}
.
Subgraph Examples
Endpoint
Query
Query output
Single Expression
Single Expression output
Multi Expression
Multi Expression
FAQ: Users getting 403 error?
Make sure the endpoint has whitelisted our server: