> ## Documentation Index
> Fetch the complete documentation index at: https://ormilabs.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# How to setup a private GraphQL URL

> Enable a private GraphQL endpoint to secure your subgraph data with API key authentication.

## What is a private GraphQL URL?

By default, every deployed subgraph includes a **public GraphQL endpoint**.

You can also enable a **private endpoint**, which requires an authentication token for every request.

### Private endpoints are ideal for:

* Restrict data access to trusted users or applications.
* Protect sensitive onchain data in production.
* Manage usage via authenticated API keys.

## How to enable a private GraphQL link

### Step 1: Navigate to the [0xGraph console](https://app.ormilabs.com/dashboard/0xgraph) and press the `>_` icon

<Frame>
  <img src="https://mintcdn.com/ormilabs/XdTpJ0jGUKw4Ynly/images/how-to/private2.png?fit=max&auto=format&n=XdTpJ0jGUKw4Ynly&q=85&s=45d17f6b83f1234c38290ece93132fab" alt="0xGraph graph init" width="1881" height="880" data-path="images/how-to/private2.png" />

  <figcaption>API Keys</figcaption>
</Frame>

### Step 2: Click on the "Tags" tab

<Frame>
  <img src="https://mintcdn.com/ormilabs/XdTpJ0jGUKw4Ynly/images/how-to/private.png?fit=max&auto=format&n=XdTpJ0jGUKw4Ynly&q=85&s=560e6af6112a63cffb865cbc60afd565" alt="0xGraph graph init" width="1229" height="834" data-path="images/how-to/private.png" />

  <figcaption>API Keys</figcaption>
</Frame>

### Step 3: Enable private GraphQL link

Tick the **Enabled** checkbox

## Find your private URL

<Frame>
  <img src="https://mintcdn.com/ormilabs/XdTpJ0jGUKw4Ynly/images/how-to/private3.png?fit=max&auto=format&n=XdTpJ0jGUKw4Ynly&q=85&s=b36c81515bf5633e8446b1a9bc18a852" alt="0xGraph graph init" width="1261" height="836" data-path="images/how-to/private3.png" />

  <figcaption>API Keys</figcaption>
</Frame>

Once enabled, your unique private GraphQL URL can be accesed from the 0xGraph console.

## Authenticate your requests

Private endpoints require an API key in the request header for authentication.

### Step 1: Generate an [API key](/subgraphs/quickstart/generate-an-api-key).

<Frame>
  <img src="https://mintcdn.com/ormilabs/XdTpJ0jGUKw4Ynly/images/how-to/private5.png?fit=max&auto=format&n=XdTpJ0jGUKw4Ynly&q=85&s=47d4177b1c69834587e905571fe931d0" alt="0xGraph graph init" width="1885" height="878" data-path="images/how-to/private5.png" />

  <figcaption>API Keys</figcaption>
</Frame>

### Step 2: Add the API key into the `Authorization` header in the GraphQL client.

```
{ "Authorization": "Bearer GVOQH8CE7XL0WTOXXXXXXXXXX" }
```

Set the header value to `Bearer GVOQH8CE7XL0WTOXXXXXXXXXX`, replacing `GVOQH8CE7XL0WTOXXXXXXXXXX` with the API key you just generated.

<Frame>
  <img src="https://mintcdn.com/ormilabs/XdTpJ0jGUKw4Ynly/images/how-to/private4.png?fit=max&auto=format&n=XdTpJ0jGUKw4Ynly&q=85&s=5cf935e468420423f9a1b90d92ce266d" alt="0xGraph graph init" width="1884" height="903" data-path="images/how-to/private4.png" />

  <figcaption>API Keys</figcaption>
</Frame>

By following these steps, you can securely interact with your subgraph using its private GraphQL endpoint.