The CData Sync App provides a straightforward way to continuously pipeline your GraphQL data to any database, data lake, or data warehouse, making it easily available for Analytics, Reporting, AI, and Machine Learning.
The GraphQL connector can be used from the CData Sync application to pull data from GraphQL and move it to any of the supported destinations.
Create a connection to GraphQL by navigating to the Connections page in the Sync App application and selecting the corresponding icon in the Add Connections panel. If the GraphQL icon is not available, click the Add More icon to download and install the GraphQL connector from the CData site.
Required properties are listed under the Settings tab. The Advanced tab lists connection properties that are not typically required.
Set the following to connect:
When connecting via a Web application, or if the Sync App is not authorized to open a browser window, use the provided stored procedures to get and manage the OAuth token values.
Note: You can extend the stored procedure schemas to set defaults for the OAuth URLs or other connection string properties. See Operations for a guide.
Set Up the OAuth Flow
Provide the OAuth URLs to authenticate in the Web flow.
In addition to the OAuth URLs, set the following additional connection properties to obtain the OAuthAccessToken:
You can then call stored procedures to complete the OAuth exchange:
Call the GetOAuthAccessToken stored procedure. Set the AuthMode input to WEB.
In OAuth 1.0, set the Verifier input to the "oauth_verifier" parameter. Extract the verifier code from the callback URL. Additionally, set the AuthToken and AuthSecret to the values returned by GetOAuthAccessToken.
In OAuth 2.0, set the Verifier input to the "code" parameter in the query string of the callback URL.
The OAuthAccessToken returned by GetOAuthAccessToken has a limited lifetime. To automatically refresh the token, set the following on the first data connection.
OAuth Endpoints
OAuth Tokens and Keys
Alternatively, use the RefreshOAuthAccessToken stored procedure to manually refresh the token.
Initiate OAuth
On subsequent data connections, set the following:
To create GraphQL data sources on headless servers or other machines on which the Sync App cannot open a browser, you need to authenticate from another machine. Authentication is a two-step process.
Option 1: Obtain and Exchange a Verifier Code
Set the following properties on the headless machine:
You can then follow the steps below to authenticate from another machine and obtain the OAuthVerifier connection property.
On the headless machine, set the following connection properties to obtain the OAuth authentication values:
Connect to Data
After the OAuth settings file is generated, set the following properties to connect to data:
Option 2: Transfer OAuth Settings
Follow the steps below to install the Sync App on another machine, authenticate, and then transfer the resulting OAuth values.
On a second machine, install the Sync App and connect with the following properties set:
Test the connection to authenticate. The resulting authentication values are written, encrypted, to the path specified by OAuthSettingsLocation. After you have successfully tested the connection, copy the OAuth settings file to your headless machine. On the headless machine, set the following connection properties to connect to data:
When connecting via a Web application, or if the Sync App is not authorized to open a browser window, use the provided stored procedures to get and manage the OAuth token values.
Note: You can extend the stored procedure schemas to set defaults for the OAuth URLs or other connection string properties. See Operations for a guide.
Set Up the OAuth Flow
Provide the OAuth URLs to authenticate in the Web flow:
In addition to the OAuth URLs, set OAuthClientId to the client Id in your application settings to obtain the OAuthAccessToken.
You can then call stored procedures to complete the OAuth exchange:
Call the GetOAuthAccessToken stored procedure.
Set the AuthMode input to WEB.
Set the Verifier input to the value of the "code" parameter in the query string of the callback URL.
Set the PKCEVerifier input to the value generated after calling the GetOAuthAuthorizationURL stored procedure.
The OAuthAccessToken returned by GetOAuthAccessToken has a limited lifetime. To automatically refresh the token, set the following on the first data connection.
OAuth Endpoints
OAuth Tokens and Keys
Alternatively, use the RefreshOAuthAccessToken stored procedure to manually refresh the token.
Initiate OAuth
On subsequent data connections, set the following:
If you want to use the Sync App with a user registered in a User Pool in AWS Cognito, set the following properties to authenticate:
This section shows how to control the various schemas that the Sync App offers to bridge the gap between relational SQL and GraphQL services.
GraphQL services offer a introspection query service which the Sync App can use to obtain view and column names.
All SCALAR mutation fields are exposed directly, and all object fields are expanded.
The Sync App will automatically scan for available Using Mutations. Given that there is no method provided by GraphQL for determining which mutations can be used for each table, each mutation is exposed as a stored procedure.
LIST fields are exposed as temporary tables (GraphQL tables of type TEMPORARY_TABLE). The discovered temporary tables can be obtained by querying the sys_tables and sys_tablecolumns system tables.
Operations details the process for configuring custom schema files. Setting up these custom schema files is a required step in establishing a connection to GraphQL data.
See System Tables to query the current table metadata.
By default, the Sync App will automatically read metadata from GraphQL.
GraphQL services offer a introspection query service which the Sync App can use to obtain view and column names.
A GraphQL introspection query service has a query object at its root. Other objects are nested into the root query object, which can in turn have their own nested objects.
The Sync App reads LIST or Relay Connection type objects as views. If a field is SCALAR, it's read as a column, and if a field is a simple OBJECT, it is expanded.
Set the metadata introspection depth as follows:
The Sync App will automatically scan for available mutations. Given that there is no method provided by GraphQL for determining which mutations can be used for each table, each mutation is exposed as a stored procedure.
All SCALAR mutation fields are exposed directly, and all object fields are expanded.
LIST fields are exposed as temporary tables (GraphQL tables of type TEMPORARY_TABLE). The discovered temporary tables can be obtained by querying the sys_tables and sys_tablecolumns system tables. These tables contain a RowId and ParentId field to denote the row and housing (parent) table of a given child table.
An example of a mutation is productCreate. Invoke mutations as a stored procedure after first loading the relevant child tables needed for the operation:
INSERT INTO productCreate_metafields(namespace,key,value,type) VALUES('MRproductInfo','ALU','449788022','string') INSERT INTO productCreate_variants(RowId,price,sku,inventoryManagement,weightUnit,weight,options,metafields,inventoryQuantities) VALUES(1,'39.99','38536314-0acb-4d3f-b8ff-a0f2014d2c75','SHOPIFY','POUNDS',1,'L,XL,XXL','productCreate_variants_metafields','productCreate_variants_inventoryQuantities') INSERT INTO productCreate_variants_metafields(ParentId,namespace,key,value,type) VALUES('1','MRproductInfo','ALU','449788022-M-','string') INSERT INTO productCreate_variants_metafields(ParentId,namespace,key,value,type) VALUES('1','MRproductInfo','ItemNumber','400000881201','string') INSERT INTO productCreate_variants_inventoryQuantities(ParentId,locationId,availableQuantity) VALUES('1','gid://shopify/Location/1448280087',5) INSERT INTO productCreate_media(originalSource,alt,mediaContentType) VALUES('https://static.nike.com/a/images/t_PDP_1280_v1/f_auto,q_auto:eco/qwqfyddzikcgc4ozwigp/revolution-5-road-running-shoes-szF7CS.png','Magic Shoes','IMAGE') EXECUTE productCreate title='NIKE - 449788022', descriptionHtml=' - MEN\\'S SHOES 42-MENS L/S TEES',productType='Staging', vendor='NIKE', published='false', options='size,width',metafields='productCreate_metafields', variants='productCreate_variants', media='productCreate_media'
Custom schemas are defined in configuration files. This chapter outlines the structure of these files.
Note: The GenerateSchemaFiles property enables you to persist table metadata in static schema files that are easy to customize (to persist your changes to column data types, for example). Set this property to "OnStart" to generate schema files for all tables in your database at connection.
Alternatively, set this property to "OnUse" to generate schemas as you execute SELECT queries to tables. It is also possible to create a specific schema file for a table using the CreateSchema stored procedure.
Tables and views are defined by authoring schema files in APIScript. APIScript is a simple configuration language that allows you to define the columns and the behavior of the table. It also has built-in Operations that enable you to process GraphQL. In addition to these data processing primitives, APIScript is a full-featured language with constructs for conditionals, looping, etc. However, as shown by the example schema, for most table definitions you will not need to use these features.
Below is a fully functional table schema that models the Labels table and contains all the components you will need to execute SQL to GraphQL data sources.
You can find more information on each of the components of a schema in Column Definitions, SELECT Execution.
<rsb:script xmlns:rsb="http://apiscript.com/ns?v1" xmlns:xs="http://www.cdata.com/ns/rsbscript/2" xmlns:other="http://apiscript.com/ns?v1">
<rsb:info title="Labels" desc="Lists information about the different labels you can apply on an issue." other:possiblePaths="{'path':'/repository/labels/edges/node','Name':{'path':'/repository/label'}}" other:paginationObjects="{'labels':{'cursorName':'after','cursorType':'String','pageSizeArgumentName':'first','pageSizeArgumentType':'Int','depth':'1','paginationType':'Cursor','isConnection':'True','pageInfo':['endCursor','hasNextPage','hasPreviousPage','startCursor']}}">
<attr name="Id" xs:type="string" key="true" other:relativePath="id" desc="The ID of the label." />
<attr name="RepositoryName" xs:type="string" other:relativePath="name" desc="The name of the repository." other:filter="name:=" other:argumenttype="String!" other:depth="1" references="Repositories.Name" />
<attr name="UserLogin" xs:type="string" desc="The login name of the user." other:filter="owner:=" other:argumenttype="String!" other:depth="1" references="Users.Login" other:mirror="true" other:canBeSliced="true" />
<attr name="Color" xs:type="string" other:relativePath="color" desc="Identifies the label color." />
<attr name="CreatedAt" xs:type="datetime" other:relativePath="createdAt" desc="Identifies the date and time when the label was created." other:orderby="CREATED_AT" />
<attr name="Description" xs:type="string" other:relativePath="description" desc="A brief description of this label." />
<attr name="IsDefault" xs:type="boolean" other:relativePath="isDefault" desc="Indicates whether or not this is a default label." />
<attr name="Name" xs:type="string" other:relativePath="name" desc="Identifies the label name." other:filter="name:=" other:argumenttype="String!" other:orderby="NAME" other:isPathFilter="true" />
<attr name="ResourcePath" xs:type="string" other:relativePath="resourcePath" desc="The HTTP path for this label." />
<attr name="UpdatedAt" xs:type="datetime" other:relativePath="updatedAt" desc="Identifies the date and time when the label was last updated." />
<attr name="Url" xs:type="string" other:relativePath="url" desc="The HTTP URL for this label." />
</rsb:info>
<rsb:script method="GET">
<rsb:push op="graphqladoSelect" />
</rsb:script>
</rsb:script>
The basic attributes of a column are the name of the column, the data type, whether the column is a primary key, the relative path and the depth. The Sync App uses the depth attribute to extract nodes from hierarchical data.
Mark up column attributes in the block of the schema file. You can also provide a description of each attribute using the desc property.
<rsb:script xmlns:rsb="http://apiscript.com/ns?v1" xmlns:xs="http://www.cdata.com/ns/rsbscript/2" xmlns:other="http://apiscript.com/ns?v1">
<rsb:info title="Labels" desc="Lists information about the different labels you can apply on an issue." other:possiblePaths="{'path':'/repository/labels/edges/node','Name':{'path':'/repository/label'}}" other:paginationObjects="{'labels':{'cursorName':'after','cursorType':'String','pageSizeArgumentName':'first','pageSizeArgumentType':'Int','depth':'1','paginationType':'Cursor','isConnection':'True','pageInfo':['endCursor','hasNextPage','hasPreviousPage','startCursor']}}">
<attr name="Id" xs:type="string" key="true" other:relativePath="id" desc="The ID of the label." />
<attr name="RepositoryName" xs:type="string" other:relativePath="name" desc="The name of the repository." other:filter="name:=" other:argumenttype="String!" other:depth="1" references="Repositories.Name" />
<attr name="UserLogin" xs:type="string" desc="The login name of the user." other:filter="owner:=" other:argumenttype="String!" other:depth="1" references="Users.Login" other:mirror="true" other:canBeSliced="true" />
<attr name="Color" xs:type="string" other:relativePath="color" desc="Identifies the label color." />
<attr name="CreatedAt" xs:type="datetime" other:relativePath="createdAt" desc="Identifies the date and time when the label was created." other:orderby="CREATED_AT" />
<attr name="Description" xs:type="string" other:relativePath="description" desc="A brief description of this label." />
<attr name="IsDefault" xs:type="boolean" other:relativePath="isDefault" desc="Indicates whether or not this is a default label." />
<attr name="Name" xs:type="string" other:relativePath="name" desc="Identifies the label name." other:filter="name:=" other:argumenttype="String!" other:orderby="NAME" other:isPathFilter="true" />
<attr name="ResourcePath" xs:type="string" other:relativePath="resourcePath" desc="The HTTP path for this label." />
<attr name="UpdatedAt" xs:type="datetime" other:relativePath="updatedAt" desc="Identifies the date and time when the label was last updated." />
<attr name="Url" xs:type="string" other:relativePath="url" desc="The HTTP URL for this label." />
</rsb:info>
<rsb:script method="GET">
<rsb:push op="graphqladoSelect" />
</rsb:script>
</rsb:script>
The following sections provide more detail on using paths to extract columns and rows. To see the column definitions in a complete schema, refer to Customizing Schemas.
The other:possiblePaths property is used to specify the base paths that select the column's value.
Base paths start with a '/' and contain the full path to the last GraphQL nested object.
<rsb:info title="Labels" desc="Lists information about the different labels you can apply to an issue." other:possiblePaths="{'path':'/repository/labels/edges/node','Name':{'path':'/repository/label'}}" other:paginationObjects="{'labels':{'cursorName':'after','cursorType':'String','pageSizeArgumentName':'first','pageSizeArgumentType':'Int','depth':'1''paginationType':'Cursor','isConnection':'True','pageInfo':['endCursor','hasNextPage','hasPreviousPage','startCursor']}}">
The following GraphQL query is based on the above script example:
{ # base path=/repository/labels/edges/node repository { labels { edges { node { ... } } } } }
The other:relativePath property must be specified for each column. This property is used in conjuction with the other:possiblePaths property to build the GraphQL field path.
<attr name="Name" xs:type="string" other:relativePath="name" desc="Identifies the label name." />
Based on the above script example the Sync App will build the following GraphQL query:
{ # base path=/repository/labels/edges/node repository { # depth=1 labels { # depth=2 edges { node { name # path=base path + relative path. } } } } }
Use the other:depth property to specify an element inside a specific GraphQL object. The indexes are 1-based. If this attribute is not specified then the default value will be equal to the last nested GraphQL object.
<attr name="RepositoryName" xs:type="string" other:relativePath="name" desc="The name of the repository." other:depth="1" />
The following GraphQL query is built from the above script example:
{ # base path=/repository/labels/edges/node repository { # depth=1 name # This is mapped to the RepositoryName column labels { # depth=2 edges { node { ... } } } } }
Use the other:fragment property to specify a group of fields. This property can be used when the GraphQL server returns an array of objects and the Sync App may need to push this info as an aggregate.
<attr name="ColumnValues" xs:type="string" other:relativePath="column_values" desc="Column values." other:fragment="fragment ItemColumnValues on ColumnValue { id \\r\\n value }" />
Based on the above script example, the Sync App will build the following GraphQL query:
query { items { column_values { ...ItemColumnValues } } } fragment ItemColumnValues on ColumnValue { id value }
Use the other:canbesliced property enable slicing behavior in the Sync App
For example,
SELECT * FROM Table WHERE Col IN ('1','2','3')becomes
SELECT * FROM Table WHERE Col=1 SELECT * FROM Table WHERE Col=2 SELECT * FROM Table WHERE Col=3
Use the other:mirror property to reflect the value specified in the criteria. Use on columns that are not specified in the server response.
For example:
SELECT * FROM Table WHERE Col=X (If other:mirror=true the Sync App will artificially set the value of Col to X for every row.)
Use references to reference the key column of the parent table. Example: If there are two tables Orders and OrderLineItems and the OrderLineItems has a column OrderId, the references field for this column will be "Orders.Id".
Notes:
When a SELECT query is issued, the Sync App executes the GET method of the schema, which invokes the Sync App's built-in operations to process GraphQL. In the GET method you have control over the request for data. The following procedures show several ways to use this: search the remote data, server-side, with SELECT WHERE, or implement paging.
The following sections show how to translate a SELECT WHERE statement into a GraphQL query to GraphQL APIs. The procedure uses the following statement:
SELECT * FROM <table> WHERE ModifiedAt<'2019-10-30 05:05:36.001'
If this filter is supported on the server via query parameters, you can use the other:filter property of the api:info column definition to specify the desired mapping. For the above query, the Sync App will use this property to map the modifiedAt < '<date>' filter to the query parameter that returns results that were modifed before a given date, and the modifedAt > '<date>' filter to the query parameter that filters results that were modifed after.
To perform this mapping, the Sync App would use the following markup for the modifedAt column definition:
<attr name="ModifiedAt" xs:type="datetime" other:relativePath="modifiedAt" other:argumentType="DateTime" description="When the vendor was last modified." other:filter="modifiedAtAfter:>;modifiedAtBefore:<" />
This query results in the following postdata:
{ "variables": { "ModifiedAt_modifiedAtBefore": "2019-10-30T09:05:36.001Z" }, "query": "query($ModifiedAt_modifiedAtBefore:DateTime) {\r\nbusinesses {\r\nedges {\r\nnode {\r\ncustomers(modifiedAtBefore:$ModifiedAt_modifiedAtBefore) {\r\nedges {\r\nnode {\r\nid\r\nmodifiedAt\r\n}\r\n}\r\npageInfo {\r\ntotalPages\r\ncurrentPage\r\n}\r\n}\r\nid\r\n}\r\n}\r\npageInfo {\r\ntotalPages\r\ncurrentPage\r\n}\r\n}\r\n}\r\n" }
Ex: other:possiblepaths="{'path':'/businesses/edges/node','id':{'path':'/business'}}"
<attr name="Id" xs:type="string" key="true" other:relativePath="id" other:isPathFilter="true" other:filter="id:=" />
SELECT Id,Name,CreatedAt FROM Businesses WHERE Id='QnVzaW5M6ZTY4ZDA2MmQtYzkzZS00MGZkLTk4YWUtNDg2YzcxMmExNzFl'will be converted to the postdata:
{ "variables": { "Id_id": "QnVzaW5M6ZTY4ZDA2MmQtYzkzZS00MGZkLTk4YWUtNDg2YzcxMmExNzFl" }, "query": "query($Id_id:ID) {\r\nbusiness(id:$Id_id) {\r\nid\r\nname\r\ncreatedAt\r\n}\r\n}\r\n" }
The driver supports two pagination modes.
other:paginationObjects = "{ 'labels': { 'cursorName': 'after', 'cursorType': 'String', 'pageSizeArgumentName': 'first', 'pageSizeArgumentType': 'Int', 'depth':'1', 'paginationType': 'Cursor', 'isConnection': 'True', 'pageInfo': ['endCursor', 'hasNextPage', 'hasPreviousPage', 'startCursor'] } }"The following postdata will be generated after processing the other:paginationObjects table extra info specified above:
{ "variables": { "UserLogin_owner": "testaccount71", "RepositoryName_name": "test", "first": <Pagesize> }, "query": "query($UserLogin_owner:String!, $RepositoryName_name:String!, $first:Int) {\r\nrepository(owner:$UserLogin_owner, name:$RepositoryName_name) {\r\nlabels(first:$first) {\r\nedges {\r\nnode {\r\nid\r\ncolor\r\ncreatedAt\r\ndescription\r\nisDefault\r\nname\r\nresourcePath\r\nupdatedAt\r\nurl\r\n}\r\n}\r\npageInfo {\r\nendCursor\r\nhasNextPage\r\n}\r\n}\r\nname\r\n}\r\n}\r\n" }
other:paginationObjects="{ 'businesses': { 'offsetArgumentName': 'page', 'offsetArgumentType': 'Int', 'pageSizeArgumentName': 'pageSize', 'pageSizeArgumentType': 'Int', 'depth':'1', 'paginationType': 'Offset', 'isConnectionObject': 'True', 'pageInfo': ['currentPage', 'totalPages', 'totalCount'] } }"The following postdata will be generated after processing the other:paginationObjects table extra info specified above:
{ "variables": { "pageSize_1": <Pagesize> }, "query": "query($pageSize_1:Int) {\r\nbusinesses(pageSize:$pageSize_1) {\r\nedges {\r\nnode {\r\nid\r\n}\r\n}\r\npageInfo {\r\ntotalPages\r\ncurrentPage\r\n}\r\n}\r\n}\r\n" }
<rsb:info title="Labels" desc="Lists information about the different labels you can apply on an issue." other:orderByFormat="{field: {orderByArgumentValue}, direction: {sortOrder}}"> <attr name="CreatedAt" xs:type="datetime" other:relativePath="createdAt" other:orderByFormat="{field: {orderByArgumentValue}, direction: {sortOrder}}" other:orderBy="orderBy:CREATED_AT" />
<attr name="CreatedAt" xs:type="datetime" other:relativePath="createdAt" other:orderBy="orderBy:CREATED_AT" />
SELECT Id FROM Labels ORDER BY CreatedAt ASCwill be converted to the postdata:
{ "variables": { "first": <Pagesize> }, "query": "query($first:Int) {\r\nrepository {\r\nlabels(sort:{field: CREATED_AT, direction: ASC}, first:$first) {\r\nedges {\r\nnode {\r\nid\r\n}\r\n}\r\npageInfo {\r\nendCursor\r\nhasNextPage\r\n}\r\n}\r\n}\r\n}\r\n" }
The Sync App has high-performance operations for processing GraphQL data sources. These operations are platform neutral: Schema files that invoke these operations can be used in both .NET and Java. You can also extend the Sync App with your own operations written in .NET or Java.
The Sync App has the following operations:
Operation Name | Description | |
OAuthGetAccessToken | For OAuth 1.0, exchange a request token for an access token. For OAuth 2.0, get an access token or get a new access token with the refresh token. | |
OAuthGetUserAuthorizationURL | Generates the user authorization URL. OAuth 2.0 will not access the network in this operation. |
The OAuthGetAccessToken operation is an APIScript operation that is used to facilitate the OAuth authentication and refresh flows.
The Sync App includes stored procedures that invoke this operation to complete the OAuth exchange. The following example schema briefly lists some of the typically required inputs before the following sections explain them in more detail.
Invoke the OAuthGetAccessToken with the GetOAuthAccessToken stored procedure. The following inputs are required for most data sources and will provide default values for the connection properties of the same name.
<api:script xmlns:api="http://www.rssbus.com/ns/rsbscript/2">
<api:info title="GetOAuthAccessToken" description="Obtains the OAuth access token to be used for authentication with various APIs." >
<input name="AuthMode" desc="The OAuth flow. APP or WEB." />
<input name="CallbackURL" desc="The URL to be used as a trusted redirect URL, where the user will return with the token that verifies that they have granted your app access. " />
<input name="OAuthAccessToken" desc="The request token. OAuth 1.0 only." />
<input name="OAuthAccessTokenSecret" desc="The request token secret. OAuth 1.0 only." />
<input name="Verifier" desc="The verifier code obtained when the user grants permissions to your app." />
<output name="OAuthAccessToken" desc="The access token." />
<output name="OAuthTokenSecret" desc="The access token secret." />
<output name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
</api:info>
<!-- Set OAuthVersion to 1.0 or 2.0. -->
<api:set attr="OAuthVersion" value="MyOAuthVersion" />
<!-- Set RequestTokenURL to the URL where the request for the request token is made. OAuth 1.0 only.-->
<api:set attr="OAuthRequestTokenURL" value="http://MyOAuthRequestTokenURL" />
<!-- Set OAuthAuthorizationURL to the URL where the user logs into the service and grants permissions to the application. -->
<api:set attr="OAuthAuthorizationURL" value="http://MyOAuthAuthorizationURL" />
<!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
<api:set attr="OAuthAccessTokenURL" value="http://MyOAuthAccessTokenURL" />
<!-- Set GrantType to the authorization grant type. OAuth 2.0 only. -->
<api:set attr="GrantType" value="CODE" />
<!-- Set SignMethod to the signature method used to calculate the signature of the request. OAuth 1.0 only.-->
<api:set attr="SignMethod" value="HMAC-SHA1" />
<api:call op="oauthGetAccessToken">
<api:push/>
</api:call>
</api:script>
You can also use OAuthGetAccessToken to refresh the access token by providing the following inputs:
<api:script xmlns:api="http://www.rssbus.com/ns/rsbscript/2">
<api:info title="RefreshOAuthAccessToken" description="Refreshes the OAuth access token used for authentication." >
<input name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
<output name="OAuthAccessToken" desc="The authentication token returned." />
<output name="OAuthTokenSecret" desc="The authentication token secret returned. OAuth 1.0 only." />
<output name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
<output name="ExpiresIn" desc="The remaining lifetime on the access token." />
</api:info>
<!-- Set OAuthVersion to 1.0 or 2.0. -->
<api:set attr="OAuthVersion" value="MyOAuthVersion" />
<!-- Set GrantType to REFRESH. OAuth 2.0 only. -->
<api:set attr="GrantType" value="REFRESH" />
<!-- Set SignMethod to the signature method used to calculate the signature of the request. OAuth 1.0 only.-->
<api:set attr="SignMethod" value="HMAC-SHA1" />
<!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
<api:set attr="OAuthAccessTokenURL" value="http://MyOAuthAccessTokenURL" />
<!-- Set AuthMode to 'WEB' when calling RefreshOAuthAccessToken -->
<api:set attr="AuthMode" value="WEB"/>
<api:call op="oauthGetAccessToken">
<api:push/>
</api:call>
</api:script>
The OAuthGetUserAuthorizationURL is an APIScript operation that is used to facilitate the OAuth authentication flow for Web apps, for offline apps, and in situations where the Sync App is not allowed to open a Web browser. To pass the needed inputs to this operation, define the GetOAuthAuthorizationURL stored procedure. The Sync App can call this internally.
Define stored procedures in .rsb files with the same file name as the schema's title. The example schema briefly lists some of the typically required inputs before the following sections explain them in more detail.
Call OAuthGetUserAuthorizationURL in the GetOAuthAuthorizationURL stored procedure.
<api:script xmlns:api="http://www.rssbus.com/ns/rsbscript/2">
<api:info title="Get OAuth Authorization URL" description="Obtains the OAuth authorization URL used for authentication with various APIs." >
<input name="CallbackURL" desc="The URL to be used as a trusted redirect URL, where the user will return with the token that verifies that they have granted your app access. " />
<output name="URL" desc="The URL where the user logs in and is prompted to grant permissions to the app. " />
<output name="OAuthAccessToken" desc="The request token. OAuth 1.0 only." />
<output name="OAuthTokenSecret" desc="The request token secret. OAuth 1.0 only." />
</api:info>
<!-- Set OAuthVersion to 1.0 or 2.0. -->
<api:set attr="OAuthVersion" value="MyOAuthVersion" />
<!-- Set ResponseType to the desired authorization grant type. OAuth 2.0 only.-->
<api:set attr="ResponseType" value="code" />
<!-- Set SignMethod to the signature method used to calculate the signature. OAuth 1.0 only.-->
<api:set attr="SignMethod" value="HMAC-SHA1" />
<!-- Set OAuthAuthorizationURL to the URL where the user logs into the service and grants permissions to the application. -->
<api:set attr="OAuthAuthorizationURL" value="http://MyOAuthAuthorizationURL" />
<!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
<api:set attr="OAuthAccessTokenURL" value="http://MyOAuthAccessTokenURL"/>
<!-- Set RequestTokenURL to the URL where the request for the request token is made. OAuth 1.0 only.-->
<api:set attr="OAuthRequestTokenURL" value="http://MyOAuthRequestTokenURL" />
<api:call op="oauthGetUserAuthorizationUrl">
<api:push/>
</api:call>
</api:script>
<p>
The connection string properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection string for this provider. Click the links for further details.
For more information on establishing a connection, see Establishing a Connection.
Property | Description |
AuthScheme | The type of authentication to use when connecting to remote services. |
URL | The URL of the GraphQL service. |
User | The GraphQL user account used to authenticate. |
Password | The password used to authenticate the user. |
Property | Description |
AWSCognitoRegion | The hosting region for AWS Cognito. |
AWSUserPoolId | The User Pool Id. |
AWSUserPoolClientAppId | The User Pool Client App Id. |
AWSUserPoolClientAppSecret | Optional. The User Pool Client App Secret. |
Property | Description |
OAuthVersion | The version of OAuth being used. |
OAuthClientId | The client Id assigned when you register your application with an OAuth authorization server. |
OAuthClientSecret | The client secret assigned when you register your application with an OAuth authorization server. |
OAuthGrantType | The grant type for the OAuth flow. |
OAuthIncludeCallbackURL | Whether to include the callback URL in an access token request. |
OAuthAuthorizationURL | The authorization URL for the OAuth service. |
OAuthAccessTokenURL | The URL to retrieve the OAuth access token from. |
OAuthRefreshTokenURL | The URL to refresh the OAuth token from. |
OAuthRequestTokenURL | The URL the service provides to retrieve request tokens from. This is required in OAuth 1.0. |
AuthToken | The authentication token used to request and obtain the OAuth Access Token. |
AuthKey | The authentication secret used to request and obtain the OAuth Access Token. |
OAuthParams | A comma-separated list of other parameters to submit in the request for the OAuth access token in the format paramname=value. |
Property | Description |
OAuthJWTCert | The JWT Certificate store. |
OAuthJWTCertType | The type of key store containing the JWT Certificate. |
OAuthJWTCertPassword | The password for the OAuth JWT certificate. |
OAuthJWTCertSubject | The subject of the OAuth JWT certificate. |
OAuthJWTIssuer | The issuer of the Java Web Token. |
OAuthJWTSubject | The user subject for which the application is requesting delegated access. |
Property | Description |
SSLClientCert | The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL). |
SSLClientCertType | The type of key store containing the TLS/SSL client certificate. |
SSLClientCertPassword | The password for the TLS/SSL client certificate. |
SSLClientCertSubject | The subject of the TLS/SSL client certificate. |
SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
Property | Description |
FirewallType | The protocol used by a proxy-based firewall. |
FirewallServer | The name or IP address of a proxy-based firewall. |
FirewallPort | The TCP port for a proxy-based firewall. |
FirewallUser | The user name to use to authenticate with a proxy-based firewall. |
FirewallPassword | A password used to authenticate to a proxy-based firewall. |
Property | Description |
ProxyAutoDetect | This indicates whether to use the system proxy settings or not. This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings. |
ProxyServer | The hostname or IP address of a proxy to route HTTP traffic through. |
ProxyPort | The TCP port the ProxyServer proxy is running on. |
ProxyAuthScheme | The authentication type to use to authenticate to the ProxyServer proxy. |
ProxyUser | A user name to be used to authenticate to the ProxyServer proxy. |
ProxyPassword | A password to be used to authenticate to the ProxyServer proxy. |
ProxySSLType | The SSL type to use when connecting to the ProxyServer proxy. |
ProxyExceptions | A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer . |
Property | Description |
LogModules | Core modules to be included in the log file. |
Property | Description |
Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC. |
Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC. |
Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC. |
ExpandArgumentsDepth | This property is used to determine how far the provider should search for columns inside the arguments of type INPUT_OBJECT. |
ExpandTablesDepth | This property is used to determine the depth of the child tables. |
ExpandTemporaryTablesDepth | This property is used to determine the depth of the child temporary tables. Only works if ExposeDynamicProcedures is set to true. |
ExpandColumnsDepth | This property is used to determine how far the provider should search for columns inside the GraphQL objects. |
IncludeDeprecatedMetadata | This property is used to determine whether the provider should expose deprecated tables and columns or not. |
ExposeDynamicProcedures | This property is used to determine whether the provider should expose mutations as dynamic procedures or not. |
Property | Description |
CustomHeaders | Other headers as determined by the user (optional). |
GenerateSchemaFiles | Indicates the user preference as to when schemas should be generated and saved. |
MaxRows | Limits the number of rows returned rows when no aggregation or group by is used in the query. This helps avoid performance issues at design time. |
Other | These hidden properties are used only in specific use cases. |
Pagesize | The maximum number of results to return per page from GraphQL. |
PseudoColumns | This property indicates whether or not to include pseudo columns as columns to the table. |
Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
UserDefinedViews | A filepath pointing to the JSON configuration file containing your custom views. |
This section provides a complete list of the Authentication properties you can configure in the connection string for this provider.
Property | Description |
AuthScheme | The type of authentication to use when connecting to remote services. |
URL | The URL of the GraphQL service. |
User | The GraphQL user account used to authenticate. |
Password | The password used to authenticate the user. |
The type of authentication to use when connecting to remote services.
The following options are generally available to all connections:
The URL of the GraphQL service.
The URL of the GraphQL service.
The GraphQL user account used to authenticate.
Together with Password, this field is used to authenticate against the GraphQL server.
The password used to authenticate the user.
The User and Password are together used to authenticate with the server.
This section provides a complete list of the AWS Authentication properties you can configure in the connection string for this provider.
Property | Description |
AWSCognitoRegion | The hosting region for AWS Cognito. |
AWSUserPoolId | The User Pool Id. |
AWSUserPoolClientAppId | The User Pool Client App Id. |
AWSUserPoolClientAppSecret | Optional. The User Pool Client App Secret. |
The hosting region for AWS Cognito.
The hosting region for AWS Cognito. Available values are OHIO, NORTHERNVIRGINIA, NORTHERNCALIFORNIA, OREGON, CAPETOWN, HONGKONG, MUMBAI, OSAKA, SEOUL, SINGAPORE, SYDNEY, TOKYO, CENTRAL, BEIJING, NINGXIA, FRANKFURT, IRELAND, LONDON, MILAN, PARIS, STOCKHOLM, BAHRAIN, SAOPAULO, GOVCLOUDEAST, and GOVCLOUDWEST.
The User Pool Id.
You can find this in AWS Cognito -> Manage User Pools -> select your user pool -> General settings -> Pool Id.
The User Pool Client App Id.
You can find this in AWS Cognito -> Manage Identity Pools -> select your user pool -> General settings -> App clients -> App client Id.
Optional. The User Pool Client App Secret.
You can find this in AWS Cognito -> Manage Identity Pools -> select your user pool -> General settings -> App clients -> App client secret.
This section provides a complete list of the OAuth properties you can configure in the connection string for this provider.
Property | Description |
OAuthVersion | The version of OAuth being used. |
OAuthClientId | The client Id assigned when you register your application with an OAuth authorization server. |
OAuthClientSecret | The client secret assigned when you register your application with an OAuth authorization server. |
OAuthGrantType | The grant type for the OAuth flow. |
OAuthIncludeCallbackURL | Whether to include the callback URL in an access token request. |
OAuthAuthorizationURL | The authorization URL for the OAuth service. |
OAuthAccessTokenURL | The URL to retrieve the OAuth access token from. |
OAuthRefreshTokenURL | The URL to refresh the OAuth token from. |
OAuthRequestTokenURL | The URL the service provides to retrieve request tokens from. This is required in OAuth 1.0. |
AuthToken | The authentication token used to request and obtain the OAuth Access Token. |
AuthKey | The authentication secret used to request and obtain the OAuth Access Token. |
OAuthParams | A comma-separated list of other parameters to submit in the request for the OAuth access token in the format paramname=value. |
The version of OAuth being used.
The version of OAuth being used. The following options are available: Disabled,1.0,2.0
The client Id assigned when you register your application with an OAuth authorization server.
As part of registering an OAuth application, you will receive the OAuthClientId value, sometimes also called a consumer key, and a client secret, the OAuthClientSecret.
The client secret assigned when you register your application with an OAuth authorization server.
As part of registering an OAuth application, you will receive the OAuthClientId, also called a consumer key. You will also receive a client secret, also called a consumer secret. Set the client secret in the OAuthClientSecret property.
The grant type for the OAuth flow.
The following options are available: CODE,CLIENT,PASSWORD
Whether to include the callback URL in an access token request.
This defaults to true since standards-compliant OAuth services will ignore the redirect_uri parameter for grant types like CLIENT or PASSWORD that do not require it.
This option should only be enabled for OAuth services that report errors when redirect_uri is included.
The authorization URL for the OAuth service.
The authorization URL for the OAuth service. At this URL, the user logs into the server and grants permissions to the application. In OAuth 1.0, if permissions are granted, the request token is authorized.
The URL to retrieve the OAuth access token from.
The URL to retrieve the OAuth access token from. In OAuth 1.0, the authorized request token is exchanged for the access token at this URL.
The URL to refresh the OAuth token from.
The URL to refresh the OAuth token from. In OAuth 2.0, this URL is where the refresh token is exchanged for a new access token when the old access token expires.
The URL the service provides to retrieve request tokens from. This is required in OAuth 1.0.
The URL the service provides to retrieve request tokens from. This is required in OAuth 1.0. In OAuth 1.0, this is the URL where the app makes a request for the request token.
The authentication token used to request and obtain the OAuth Access Token.
This property is required only when performing headless authentication in OAuth 1.0. It can be obtained from the GetOAuthAuthorizationUrl stored procedure.
It can be supplied alongside the AuthKey in the GetOAuthAccessToken stored procedure to obtain the OAuthAccessToken.
The authentication secret used to request and obtain the OAuth Access Token.
This property is required only when performing headless authentication in OAuth 1.0. It can be obtained from the GetOAuthAuthorizationUrl stored procedure.
It can be supplied alongside the AuthToken in the GetOAuthAccessToken stored procedure to obtain the OAuthAccessToken.
A comma-separated list of other parameters to submit in the request for the OAuth access token in the format paramname=value.
A comma-separated list of other parameters to submit in the request for the OAuth access token in the format paramname=value.
This section provides a complete list of the JWT OAuth properties you can configure in the connection string for this provider.
Property | Description |
OAuthJWTCert | The JWT Certificate store. |
OAuthJWTCertType | The type of key store containing the JWT Certificate. |
OAuthJWTCertPassword | The password for the OAuth JWT certificate. |
OAuthJWTCertSubject | The subject of the OAuth JWT certificate. |
OAuthJWTIssuer | The issuer of the Java Web Token. |
OAuthJWTSubject | The user subject for which the application is requesting delegated access. |
The JWT Certificate store.
The name of the certificate store for the client certificate.
The OAuthJWTCertType field specifies the type of the certificate store specified by OAuthJWTCert. If the store is password protected, specify the password in OAuthJWTCertPassword.
OAuthJWTCert is used in conjunction with the OAuthJWTCertSubject field in order to specify client certificates. If OAuthJWTCert has a value, and OAuthJWTCertSubject is set, a search for a certificate is initiated. Please refer to the OAuthJWTCertSubject field for details.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
SPC | Software publisher certificates. |
In Java, the certificate store normally is a file containing certificates and optional private keys.
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).
The type of key store containing the JWT Certificate.
This property can take one of the following values:
USER | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: This store type is not available in Java. |
MACHINE | For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java. |
PFXFILE | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
PFXBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format. |
JKSFILE | The certificate store is the name of a Java key store (JKS) file containing certificates. Note: this store type is only available in Java. |
JKSBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in Java key store (JKS) format. Note: this store type is only available in Java. |
PEMKEY_FILE | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
PEMKEY_BLOB | The certificate store is a string (base64-encoded) that contains a private key and an optional certificate. |
PUBLIC_KEY_FILE | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
PUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate. |
SSHPUBLIC_KEY_FILE | The certificate store is the name of a file that contains an SSH-style public key. |
SSHPUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains an SSH-style public key. |
P7BFILE | The certificate store is the name of a PKCS7 file containing certificates. |
PPKFILE | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
XMLFILE | The certificate store is the name of a file that contains a certificate in XML format. |
XMLBLOB | The certificate store is a string that contains a certificate in XML format. |
The password for the OAuth JWT certificate.
If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.
The subject of the OAuth JWT certificate.
When loading a certificate the subject is used to locate the certificate in the store.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks the first certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, [email protected]". Common fields and their meanings are displayed below.
Field | Meaning |
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma it must be quoted.
The issuer of the Java Web Token.
The issuer of the Java Web Token. This is typically either the Client Id or Email Address of the OAuth Application.
The user subject for which the application is requesting delegated access.
The user subject for which the application is requesting delegated access. Typically, the user account name or email address.
This section provides a complete list of the SSL properties you can configure in the connection string for this provider.
Property | Description |
SSLClientCert | The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL). |
SSLClientCertType | The type of key store containing the TLS/SSL client certificate. |
SSLClientCertPassword | The password for the TLS/SSL client certificate. |
SSLClientCertSubject | The subject of the TLS/SSL client certificate. |
SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).
The name of the certificate store for the client certificate.
The SSLClientCertType field specifies the type of the certificate store specified by SSLClientCert. If the store is password protected, specify the password in SSLClientCertPassword.
SSLClientCert is used in conjunction with the SSLClientCertSubject field in order to specify client certificates. If SSLClientCert has a value, and SSLClientCertSubject is set, a search for a certificate is initiated. See SSLClientCertSubject for more information.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
SPC | Software publisher certificates. |
In Java, the certificate store normally is a file containing certificates and optional private keys.
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (for example, PKCS12 certificate store).
The type of key store containing the TLS/SSL client certificate.
This property can take one of the following values:
USER - default | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note that this store type is not available in Java. |
MACHINE | For Windows, this specifies that the certificate store is a machine store. Note that this store type is not available in Java. |
PFXFILE | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
PFXBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format. |
JKSFILE | The certificate store is the name of a Java key store (JKS) file containing certificates. Note that this store type is only available in Java. |
JKSBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in JKS format. Note that this store type is only available in Java. |
PEMKEY_FILE | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
PEMKEY_BLOB | The certificate store is a string (base64-encoded) that contains a private key and an optional certificate. |
PUBLIC_KEY_FILE | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
PUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate. |
SSHPUBLIC_KEY_FILE | The certificate store is the name of a file that contains an SSH-style public key. |
SSHPUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains an SSH-style public key. |
P7BFILE | The certificate store is the name of a PKCS7 file containing certificates. |
PPKFILE | The certificate store is the name of a file that contains a PuTTY Private Key (PPK). |
XMLFILE | The certificate store is the name of a file that contains a certificate in XML format. |
XMLBLOB | The certificate store is a string that contains a certificate in XML format. |
The password for the TLS/SSL client certificate.
If the certificate store is of a type that requires a password, this property is used to specify that password to open the certificate store.
The subject of the TLS/SSL client certificate.
When loading a certificate the subject is used to locate the certificate in the store.
If an exact match is not found, the store is searched for subjects containing the value of the property. If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks the first certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For example, "CN=www.server.com, OU=test, C=US, [email protected]". The common fields and their meanings are shown below.
Field | Meaning |
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
The certificate to be accepted from the server when connecting using TLS/SSL.
If using a TLS/SSL connection, this property can be used to specify the TLS/SSL certificate to be accepted from the server. Any other certificate that is not trusted by the machine is rejected.
This property can take the following forms:
Description | Example |
A full PEM Certificate (example shortened for brevity) | -----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE----- |
A path to a local file containing the certificate | C:\cert.cer |
The public key (example shortened for brevity) | -----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY----- |
The MD5 Thumbprint (hex values can also be either space or colon separated) | ecadbdda5a1529c58a1e9e09828d70e4 |
The SHA1 Thumbprint (hex values can also be either space or colon separated) | 34a929226ae0819f2ec14b4a3d904f801cbb150d |
If not specified, any certificate trusted by the machine is accepted.
Use '*' to signify to accept all certificates. Note that this is not recommended due to security concerns.
This section provides a complete list of the Firewall properties you can configure in the connection string for this provider.
Property | Description |
FirewallType | The protocol used by a proxy-based firewall. |
FirewallServer | The name or IP address of a proxy-based firewall. |
FirewallPort | The TCP port for a proxy-based firewall. |
FirewallUser | The user name to use to authenticate with a proxy-based firewall. |
FirewallPassword | A password used to authenticate to a proxy-based firewall. |
The protocol used by a proxy-based firewall.
This property specifies the protocol that the Sync App will use to tunnel traffic through the FirewallServer proxy. Note that by default, the Sync App connects to the system proxy; to disable this behavior and connect to one of the following proxy types, set ProxyAutoDetect to false.
Type | Default Port | Description |
TUNNEL | 80 | When this is set, the Sync App opens a connection to GraphQL and traffic flows back and forth through the proxy. |
SOCKS4 | 1080 | When this is set, the Sync App sends data through the SOCKS 4 proxy specified by FirewallServer and FirewallPort and passes the FirewallUser value to the proxy, which determines if the connection request should be granted. |
SOCKS5 | 1080 | When this is set, the Sync App sends data through the SOCKS 5 proxy specified by FirewallServer and FirewallPort. If your proxy requires authentication, set FirewallUser and FirewallPassword to credentials the proxy recognizes. |
To connect to HTTP proxies, use ProxyServer and ProxyPort. To authenticate to HTTP proxies, use ProxyAuthScheme, ProxyUser, and ProxyPassword.
The name or IP address of a proxy-based firewall.
This property specifies the IP address, DNS name, or host name of a proxy allowing traversal of a firewall. The protocol is specified by FirewallType: Use FirewallServer with this property to connect through SOCKS or do tunneling. Use ProxyServer to connect to an HTTP proxy.
Note that the Sync App uses the system proxy by default. To use a different proxy, set ProxyAutoDetect to false.
The TCP port for a proxy-based firewall.
This specifies the TCP port for a proxy allowing traversal of a firewall. Use FirewallServer to specify the name or IP address. Specify the protocol with FirewallType.
The user name to use to authenticate with a proxy-based firewall.
The FirewallUser and FirewallPassword properties are used to authenticate against the proxy specified in FirewallServer and FirewallPort, following the authentication method specified in FirewallType.
A password used to authenticate to a proxy-based firewall.
This property is passed to the proxy specified by FirewallServer and FirewallPort, following the authentication method specified by FirewallType.
This section provides a complete list of the Proxy properties you can configure in the connection string for this provider.
Property | Description |
ProxyAutoDetect | This indicates whether to use the system proxy settings or not. This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings. |
ProxyServer | The hostname or IP address of a proxy to route HTTP traffic through. |
ProxyPort | The TCP port the ProxyServer proxy is running on. |
ProxyAuthScheme | The authentication type to use to authenticate to the ProxyServer proxy. |
ProxyUser | A user name to be used to authenticate to the ProxyServer proxy. |
ProxyPassword | A password to be used to authenticate to the ProxyServer proxy. |
ProxySSLType | The SSL type to use when connecting to the ProxyServer proxy. |
ProxyExceptions | A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer . |
This indicates whether to use the system proxy settings or not. This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings.
This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings.
To connect to an HTTP proxy, see ProxyServer. For other proxies, such as SOCKS or tunneling, see FirewallType.
The hostname or IP address of a proxy to route HTTP traffic through.
The hostname or IP address of a proxy to route HTTP traffic through. The Sync App can use the HTTP, Windows (NTLM), or Kerberos authentication types to authenticate to an HTTP proxy.
If you need to connect through a SOCKS proxy or tunnel the connection, see FirewallType.
By default, the Sync App uses the system proxy. If you need to use another proxy, set ProxyAutoDetect to false.
The TCP port the ProxyServer proxy is running on.
The port the HTTP proxy is running on that you want to redirect HTTP traffic through. Specify the HTTP proxy in ProxyServer. For other proxy types, see FirewallType.
The authentication type to use to authenticate to the ProxyServer proxy.
This value specifies the authentication type to use to authenticate to the HTTP proxy specified by ProxyServer and ProxyPort.
Note that the Sync App will use the system proxy settings by default, without further configuration needed; if you want to connect to another proxy, you will need to set ProxyAutoDetect to false, in addition to ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.
The authentication type can be one of the following:
If you need to use another authentication type, such as SOCKS 5 authentication, see FirewallType.
A user name to be used to authenticate to the ProxyServer proxy.
The ProxyUser and ProxyPassword options are used to connect and authenticate against the HTTP proxy specified in ProxyServer.
You can select one of the available authentication types in ProxyAuthScheme. If you are using HTTP authentication, set this to the user name of a user recognized by the HTTP proxy. If you are using Windows or Kerberos authentication, set this property to a user name in one of the following formats:
user@domain domain\user
A password to be used to authenticate to the ProxyServer proxy.
This property is used to authenticate to an HTTP proxy server that supports NTLM (Windows), Kerberos, or HTTP authentication. To specify the HTTP proxy, you can set ProxyServer and ProxyPort. To specify the authentication type, set ProxyAuthScheme.
If you are using HTTP authentication, additionally set ProxyUser and ProxyPassword to HTTP proxy.
If you are using NTLM authentication, set ProxyUser and ProxyPassword to your Windows password. You may also need these to complete Kerberos authentication.
For SOCKS 5 authentication or tunneling, see FirewallType.
By default, the Sync App uses the system proxy. If you want to connect to another proxy, set ProxyAutoDetect to false.
The SSL type to use when connecting to the ProxyServer proxy.
This property determines when to use SSL for the connection to an HTTP proxy specified by ProxyServer. This value can be AUTO, ALWAYS, NEVER, or TUNNEL. The applicable values are the following:
AUTO | Default setting. If the URL is an HTTPS URL, the Sync App will use the TUNNEL option. If the URL is an HTTP URL, the component will use the NEVER option. |
ALWAYS | The connection is always SSL enabled. |
NEVER | The connection is not SSL enabled. |
TUNNEL | The connection is through a tunneling proxy. The proxy server opens a connection to the remote host and traffic flows back and forth through the proxy. |
A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer .
The ProxyServer is used for all addresses, except for addresses defined in this property. Use semicolons to separate entries.
Note that the Sync App uses the system proxy settings by default, without further configuration needed; if you want to explicitly configure proxy exceptions for this connection, you need to set ProxyAutoDetect = false, and configure ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.
This section provides a complete list of the Logging properties you can configure in the connection string for this provider.
Property | Description |
LogModules | Core modules to be included in the log file. |
Core modules to be included in the log file.
Only the modules specified (separated by ';') will be included in the log file. By default all modules are included.
See the Logging page for an overview.
This section provides a complete list of the Schema properties you can configure in the connection string for this provider.
Property | Description |
Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC. |
Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC. |
Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC. |
ExpandArgumentsDepth | This property is used to determine how far the provider should search for columns inside the arguments of type INPUT_OBJECT. |
ExpandTablesDepth | This property is used to determine the depth of the child tables. |
ExpandTemporaryTablesDepth | This property is used to determine the depth of the child temporary tables. Only works if ExposeDynamicProcedures is set to true. |
ExpandColumnsDepth | This property is used to determine how far the provider should search for columns inside the GraphQL objects. |
IncludeDeprecatedMetadata | This property is used to determine whether the provider should expose deprecated tables and columns or not. |
ExposeDynamicProcedures | This property is used to determine whether the provider should expose mutations as dynamic procedures or not. |
A path to the directory that contains the schema files defining tables, views, and stored procedures.
The path to a directory which contains the schema files for the Sync App (.rsd files for tables and views, .rsb files for stored procedures). The folder location can be a relative path from the location of the executable. The Location property is only needed if you want to customize definitions (for example, change a column name, ignore a column, and so on) or extend the data model with new tables, views, or stored procedures.
If left unspecified, the default location is "%APPDATA%\\CData\\GraphQL Data Provider\\Schema" with %APPDATA% being set to the user's configuration directory:
This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.
Listing the schemas from databases can be expensive. Providing a list of schemas in the connection string improves the performance.
This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.
Listing the tables from some databases can be expensive. Providing a list of tables in the connection string improves the performance of the Sync App.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the tables you want in a comma-separated list. Each table should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Tables=TableA,[TableB/WithSlash],WithCatalog.WithSchema.`TableC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.
Listing the views from some databases can be expensive. Providing a list of views in the connection string improves the performance of the Sync App.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the views you want in a comma-separated list. Each view should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Views=ViewA,[ViewB/WithSlash],WithCatalog.WithSchema.`ViewC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
This property is used to determine how far the provider should search for columns inside the arguments of type INPUT_OBJECT.
This property is used to determine how far the Sync App should search for columns inside the arguments of type INPUT_OBJECT. For example:
{ "variables": { "input": { "filters": { "type": "SUPPLIER" } } }, "query": "query($input:FilteredCompaniesInput!) {\r\nfilteredCompanies(input:$input) {\r\nid:id\r\nvalue:value\r\n}\r\n}\r\n" }for the SQL query:
SELECT id,value FROM filteredCompanies WHERE type='SUPPLIER'In this case the nested "FilteredCompaniesInput" is itself of type INPUT_OBJECT. In a column search, the ExpandColumnsDepth property controls how many nested levels of type INPUT_OBJECT are subjected to searching.
This property is used to determine the depth of the child tables.
This property is used to determine the depth of the child tables.
This property is used to determine the depth of the child temporary tables. Only works if ExposeDynamicProcedures is set to true.
This property is used to determine the depth of the child temporary tables. Only works if ExposeDynamicProcedures is set to true.
This property is used to determine how far the provider should search for columns inside the GraphQL objects.
This property is used to determine how far the Sync App should search for columns inside the GraphQL objects.
This property is used to determine whether the provider should expose deprecated tables and columns or not.
This property is used to determine whether the Sync App should expose deprecated tables and columns or not.
This property is used to determine whether the provider should expose mutations as dynamic procedures or not.
This property is used to determine whether the Sync App should expose mutations as dynamic procedures or not.
This section provides a complete list of the Miscellaneous properties you can configure in the connection string for this provider.
Property | Description |
CustomHeaders | Other headers as determined by the user (optional). |
GenerateSchemaFiles | Indicates the user preference as to when schemas should be generated and saved. |
MaxRows | Limits the number of rows returned rows when no aggregation or group by is used in the query. This helps avoid performance issues at design time. |
Other | These hidden properties are used only in specific use cases. |
Pagesize | The maximum number of results to return per page from GraphQL. |
PseudoColumns | This property indicates whether or not to include pseudo columns as columns to the table. |
Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
UserDefinedViews | A filepath pointing to the JSON configuration file containing your custom views. |
Other headers as determined by the user (optional).
This property can be set to a string of headers to be appended to the HTTP request headers created from other properties, like ContentType, From, and so on.
The headers must be of the format "header: value" as described in the HTTP specifications. Header lines should be separated by the carriage return and line feed (CRLF) characters.
Use this property with caution. If this property contains invalid headers, HTTP requests may fail.
This property is useful for fine-tuning the functionality of the Sync App to integrate with specialized or nonstandard APIs.
Indicates the user preference as to when schemas should be generated and saved.
This property outputs schemas to .rsd files in the path specified by Location.
Available settings are the following:
When you set GenerateSchemaFiles to OnUse, the Sync App generates schemas as you execute SELECT queries. Schemas are generated for each table referenced in the query.
When you set GenerateSchemaFiles to OnCreate, schemas are only generated when a CREATE TABLE query is executed.
Another way to use this property is to obtain schemas for every table in your database when you connect. To do so, set GenerateSchemaFiles to OnStart and connect.
Limits the number of rows returned rows when no aggregation or group by is used in the query. This helps avoid performance issues at design time.
Limits the number of rows returned rows when no aggregation or group by is used in the query. This helps avoid performance issues at design time.
These hidden properties are used only in specific use cases.
The properties listed below are available for specific use cases. Normal driver use cases and functionality should not require these properties.
Specify multiple properties in a semicolon-separated list.
DefaultColumnSize | Sets the default length of string fields when the data source does not provide column length in the metadata. The default value is 2000. |
ConvertDateTimeToGMT | Determines whether to convert date-time values to GMT, instead of the local time of the machine. |
RecordToFile=filename | Records the underlying socket data transfer to the specified file. |
The maximum number of results to return per page from GraphQL.
The Pagesize property affects the maximum number of results to return per page from GraphQL. Setting a higher value may result in better performance at the cost of additional memory eaten up per page consumed. The pageSize is proportional to the GraphQL query cost.
This property indicates whether or not to include pseudo columns as columns to the table.
This setting is particularly helpful in Entity Framework, which does not allow you to set a value for a pseudo column unless it is a table column. The value of this connection setting is of the format "Table1=Column1, Table1=Column2, Table2=Column3". You can use the "*" character to include all tables and all columns; for example, "*=*".
The value in seconds until the timeout error is thrown, canceling the operation.
If Timeout = 0, operations do not time out. The operations run until they complete successfully or until they encounter an error condition.
If Timeout expires and the operation is not yet complete, the Sync App throws an exception.
A filepath pointing to the JSON configuration file containing your custom views.
User Defined Views are defined in a JSON-formatted configuration file called UserDefinedViews.json. The Sync App automatically detects the views specified in this file.
You can also have multiple view definitions and control them using the UserDefinedViews connection property. When you use this property, only the specified views are seen by the Sync App.
This User Defined View configuration file is formatted as follows:
For example:
{ "MyView": { "query": "SELECT * FROM Users WHERE MyColumn = 'value'" }, "MyView2": { "query": "SELECT * FROM MyTable WHERE Id IN (1,2,3)" } }Use the UserDefinedViews connection property to specify the location of your JSON configuration file. For example:
"UserDefinedViews", "C:\\Users\\yourusername\\Desktop\\tmp\\UserDefinedViews.json"