If you’ve configured your WPGraphQL settings to “Limit the execution of GraphQL operations to authenticated requests”, this will block all root operations unless the user making the request is already authenticated. If you’re using a GraphQL mutation to authenticate, such as the one provided by WPGraphQL JWT Authentication, you might want to allow the login …
Continue reading “Allow login mutation to be public when the endpoint is fully restricted”