Umbraco Heartcore
CMSCloudDXP
  • What is Umbraco Heartcore?
    • Compare with Umbraco CMS
  • Versions and updates
  • Getting Started
    • API Browser
    • Backoffice Users and API Keys
    • Building a project from scratch
    • Environments
    • GraphQL Playground
    • Preview
    • The Umbraco Cloud Portal
    • Tour of the Backoffice
    • Using the Forms API
    • Webhooks
    • Deployment workflow
      • Content and media transfer / restore
      • Structure deployments
  • API Documentation
    • API Documentation
      • Rate Limits
    • Content Delivery
      • Content
      • Media
      • Redirect API
    • Content Management
      • Umbraco Forms
      • Languages
      • Content
        • Content Types
      • Media
        • Media Types
      • Members
        • Member Groups
        • Member Types
      • Relations
        • Relation Types
    • GraphQL API
      • Filtering and Ordering
      • Property Editors
      • Schema Generation
      • Persisted Queries
  • Backoffice
    • Custom Grid Editors
  • Client Libraries
    • Client Libraries
    • .NET Core Console Application
    • Node.js Client library
    • .NET Client library
      • MVC Sample
      • Content Management Sample
  • Tutorials
    • Custom Grid Editors
    • Querying with GraphQL
    • Creating content with media
  • Release Notes
    • February 2024
    • April 2024
    • August 2024
    • September 2024
    • April 2025
Powered by GitBook
On this page
  • Why use persisted queries?
  • Enable Persisted queries only

Was this helpful?

Edit on GitHub
Export as PDF
  1. API Documentation
  2. GraphQL API

Persisted Queries

Documentation for Persisted queries in Umbraco Heartcore

PreviousSchema GenerationNextCustom Grid Editors

Last updated 6 months ago

Was this helpful?

Persisted queries allow you to store GraphQL queries on the server. This enables clients to execute them by referencing an alias rather than sending the full query each time. this approach streamlines client-server communication and enhances security.

Why use persisted queries?

  • Reducing the payload size

    • You minimize the data transmitted over the network by sending only the alias and necessary variables. This reduction in payload size leads to faster request times and is particularly beneficial for mobile applications or environments with limited bandwidth.

  • Enhanced Security

    • Persisted queries provide improved security by ensuring that only predefined, server-stored GraphQL queries can be executed, preventing clients from running arbitrary or malicious queries.

To fully benefit from this, the content delivery API must be set to private, and GraphQL must be configured only to allow persisted queries. Without these settings in place, the security advantages of using persisted queries are not realized.

Enable Persisted queries only

In order to fully benefit from the security enhancement that comes with persisted queries you need to enable the Only allow GraphQL persisted queries setting. This can be done from the headless options section within the backoffice

Please be aware this will also disable the execution of queries in the playground.

Headless settings section