GraphQL API

The Ontology Service exposes a GraphQL API built with Strawberry for Python. The GraphQL endpoint provides a typed, self-documenting interface for querying and mutating ontology definitions with query depth limiting for security.

Source: data-plane/ontology-service/src/api/graphql/

Configuration

Property	Value
Framework	Strawberry (Python GraphQL library)
Endpoint	`/graphql`
Max query depth	10 levels
Introspection	Enabled in dev, disabled in production

Schema Definition

# data-plane/ontology-service/src/api/graphql/schema.py
schema = strawberry.Schema(
    query=Query,
    mutation=Mutation,
    extensions=[
        QueryDepthLimiter(max_depth=10),
    ],
)

Queries

Get Object Type

query GetObjectType($id: ID!) {
  objectType(id: $id) {
    id
    name
    description
    layer
    status
    governance {
      owner
      steward
      classification
      piiFields
    }
    properties {
      name
      dataType
      required
      description
    }
    relationships {
      name
      targetType
      cardinality
    }
  }
}

List Object Types

query ListObjectTypes($layer: OntologyLayer, $status: ObjectTypeStatus) {
  objectTypes(layer: $layer, status: $status) {
    id
    name
    layer
    status
    propertyCount
    relationshipCount
  }
}

Search Object Types

query SearchObjectTypes($query: String!) {
  searchObjectTypes(query: $query) {
    id
    name
    description
    relevanceScore
  }
}

Mutations

Create Object Type

mutation CreateObjectType($input: ObjectTypeInput!) {
  createObjectType(input: $input) {
    id
    name
    status
  }
}

Update Property

mutation UpdateProperty($objectTypeId: ID!, $propertyName: String!, $input: PropertyInput!) {
  updateProperty(objectTypeId: $objectTypeId, propertyName: $propertyName, input: $input) {
    name
    dataType
    required
  }
}

Add Relationship

mutation AddRelationship($objectTypeId: ID!, $input: RelationshipInput!) {
  addRelationship(objectTypeId: $objectTypeId, input: $input) {
    name
    targetType
    cardinality
  }
}

Type Definitions

Key GraphQL types are defined in data-plane/ontology-service/src/api/graphql/types.py:

Type	Fields
`ObjectType`	id, name, description, layer, status, governance, properties, relationships
`PropertyDefinition`	name, dataType, description, required, validation
`RelationshipDefinition`	name, targetType, cardinality, joinType, inverseName
`GovernanceInfo`	owner, steward, classification, piiFields, retentionDays
`ValidationResult`	valid, errors, warnings

Security

Measure	Implementation
Authentication	JWT token validated from Authorization header
Tenant isolation	X-Tenant-ID header scopes all queries to tenant
Query depth	Limited to 10 levels via QueryDepthLimiter
Introspection	Disabled in production deployments

Object Types -- Object type model
API Reference -- REST API endpoints
Ontology Templates -- Pre-built templates

Schema Validation Ontology Templates