ASP.NET Core Integration

The GraphQL.Server project provides middleware and supporting infrastructure for hosting GraphQL endpoints in ASP.NET Core applications. It includes support for GraphQL queries, mutations, subscriptions, and popular GraphQL IDEs like GraphiQL.

For complete documentation, samples, and advanced configuration options, please refer to the server repository README.

Quick Start

Below is a complete sample of a .NET 10 console app that hosts a GraphQL endpoint at http://localhost:5000/graphql:

Project file

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <TargetFramework>net10.0</TargetFramework>
    <ImplicitUsings>enable</ImplicitUsings>
    <Nullable>enable</Nullable>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="GraphQL.Server.All" Version="8.3.3" />
  </ItemGroup>

</Project>

Program.cs file

using GraphQL;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddGraphQL(b => b
    .AddAutoSchema<Query>()  // schema
    .AddSystemTextJson());   // serializer

var app = builder.Build();
app.UseDeveloperExceptionPage();
app.UseWebSockets();
app.UseGraphQL("/graphql");            // url to host GraphQL endpoint
app.UseGraphQLGraphiQL(
    "/",                               // url to host GraphiQL at
    new GraphQL.Server.Ui.GraphiQL.GraphiQLOptions
    {
        GraphQLEndPoint = "/graphql",         // url of GraphQL endpoint
        SubscriptionsEndPoint = "/graphql",   // url of GraphQL endpoint
    });
await app.RunAsync();

Schema

public class Query
{
    public static string Hero() => "Luke Skywalker";
}

Sample request url

http://localhost:5000/graphql?query={hero}

Sample response

{"data":{"hero":"Luke Skywalker"}}

Authorization

The GraphQL.Server library includes comprehensive authorization support that integrates seamlessly with ASP.NET Core's authentication and authorization infrastructure. The library provides validation rules that automatically enforce authorization policies defined in your GraphQL schema, leveraging the built-in ASP.NET Core authentication mechanisms.

You can secure your GraphQL fields and types using authorization attributes, and the server will validate these during query execution using the authenticated user context from ASP.NET Core. This allows you to protect your GraphQL API using the same authentication methods (JWT, cookies, etc.) and authorization policies you use throughout your ASP.NET Core application.

For detailed information on configuring authorization, see the server repository documentation.

Additional Resources

The GraphQL.Server repository contains extensive documentation covering:

  • Configuration options
  • WebSocket support for subscriptions
  • Authorization and authentication
  • Multiple UI options (GraphiQL, Playground, Altair, Voyager)
  • Sample projects and templates
  • Performance optimization
  • Error handling
  • And much more

Please visit the server repository for detailed information and examples.

Edit this page on GitHub