Create subgraph without _entities or _service exposed publicly

Hello, I’m trying to migrate from a single graphql app in production to a supergraph structure this app (app becomes a subgraph). In order to maintain ease of migration and compatibility with legacy clients, I would like to allow clients to continue to query the subgraph directly. However, it looks like _entities and _service are dangerous endpoints that are publicly exposed by default on subgraphs.

I’m generating the supergraph schema offline with the rover tool prior to deployment.

Are there any workarounds you’d suggest to enable this type of migration pattern? Thank you.

Hello, good question! For this scenario, I might recommend setting up a separate gateway just for this subgraph (and composing a separate supergraph schema from just this single subgraph schema). The gateway would serve from your subgraph’s current public URL so that legacy clients don’t need to update their endpoint, and your subgraph would then only be accessible by your two gateways.

Any direct alteration of the subgraph to prevent querying _entities and/or _service feels fraught, given that you’d need to make sure this prevention always executes for direct client requests and doesn’t execute for requests coming from your gateway.