Subgraphs
GraphQL Endpoints
All subgraphs come with a GraphQL interface that allows you to query the data in the subgraph. Traditionally these GraphQL
interfaces are completely public and can be accessed by anyone. Goldsky supports public GraphQL endpoints for both
subgraphs and their tags.
In general, public endpoints come in the form of 
Private subgraphs endpoints follow the same format as public subgraph endpoints except they start with
Public endpoints
For example, in the Goldsky managed community project there exists theuniswap-v3-base/1.0.0 subgraph with a tag of prod.
This subgraph has a public endpoint
and the tag prod also has a public endpoint.
In general, public endpoints come in the form of https://api.goldsky.com/api/public/<project_id>/subgraphs/<subgraph name>/<version or tag>/gn
Goldsky adds rate limiting to all public endpoints to prevent abuse. We currently have a default rate limit of 50 requests per 10 seconds.
This can be unlocked by contacting us at support@goldsky.com.
One major downside of public endpoints is that they are completely public and can be accessed by anyone. This means that
anyone can query the data in the subgraph and potentially abuse the endpoint. This is why we also support private endpoints.
[BETA] Private endpoints
Private endpoints are only accessible by authenticated users. This means that you can control who can access the data in your subgraph. Private endpoints are only available to users who have been granted access to the subgraph. Accessing a private endpoint requires sending anAuthorization header with the GraphQL request. The value of the Authorization
header should be in the form of Bearer <token> where the token is an API token that has been generated through
Goldsky project general settings. Remember that API tokens are scoped to specific projects. This means an API
token for projectA cannot be used to access the private endpoints of subgraphs in projectB.
Private endpoints can be toggled on and off for each subgraph and tag. This means that you can have a mix of public and
private endpoints for your subgraph. For example, you can have a public endpoint for your subgraph and a private endpoint
for a specific tag.
Here’s an example of how to access a private endpoint using the GraphiQL interface:
Private subgraphs endpoints follow the same format as public subgraph endpoints except they start with /api/private
instead of /api/public. For example, the private endpoint for the prod tag of the uniswap-v3-base/1.0.0 subgraph
would be https://api.goldsky.com/api/private/project_cl8ylkiw00krx0hvza0qw17vn/subgraphs/uniswap-v3-base/1.0.0/gn.
Revoking access
To revoke access to a private endpoint you can simply delete the API token that was used to access the endpoint. If you don’t know which key is used to access the endpoint, you’ll have to revoke all API tokens for all users that have access to the project. While this step is not ideal during this beta, this step will be addressed before this feature reaches general availability.Enabling and disabling public and private endpoints
By default, all new subgraphs and their tags come with the public endpoint enabled and the private endpoint disabled. Both of these settings can be changed using the CLI and the webapp. To change either setting, you must haveEditor permissions.
CLI
To toggle one of these settings using the CLI you can use thegoldsky subgraph update command with the
--public-endpoint <disabled|enabled> flag and/or the --private-endpoint <disabled|enabled> flag. Here’s a complete example
disabling the public endpoint and enabling the private endpoint for the prod tag of the uniswap-v3-base/1.0.0 subgraph: