We'll create a helper function to send GraphQL requests to Hasura from our serverless
node-fetch and passing the
X-Hasura-Admin-Secret in the header of the request.
Hasura is configured with an admin password that we set in the previous lesson. When making an API request the client passes the admin password in the header
X-Hasura-Admin-Secret. Then Hasura validates the admin secret and allows access to all resources.
The secret is called
admin-secret since the
admin ****role is used to execute the request i.e the caller will have permissions to create/update/delete/view any data that is there.