Pairing session with installation when using GraphQL

[azlekov]

New Feature / Enhancement Checklist

• [x] I am not disclosing a vulnerability.
• [x] I am not just asking a question.
• [x] I have searched through existing issues.

Current Limitation

The REST API have an option to pair session with installation but it looks like there's no alternative out of box for the GraphQL.

Feature / Enhancement Description

It would be great if there's similar API using the GraphQL and out of the box pair session with installation on the Parse Server. If is out of the box feature this will eliminate the need to do some calls using master key as the session or the installation permissions can differ.

If there's chance the GraphQL API to respect x-parse-installation-id will be great.

Example Use Case

Example 1: me GraphQL query or mutation which respect x-parse-installation-id header. Example 2: login, signUp respecting x-parse-installation-id header

Alternatives / Workarounds

1. creating and saving an installation
2. creating a session using login, signUp etc.
3. update session's installationId

3rd Party References

[parse-github-assistant[bot]]

Thanks for opening this issue!

• 🎉 We are excited about your ideas for improvement!

[mtrezza]

The docs relate the endpoint to IoT applications:

IoT device calls the following endpoint to associate the its installationId with its session. This endpoint only works with session tokens from restricted sessions. Please note that REST API calls from an IoT device should use the Client Key, not the REST API Key.

In fact, we have removed the "restricted session" artifacts a while ago in https://github.com/parse-community/parse-server/pull/7543, so I am not sure how that endpoint behaves or whether the described scenario from the docs is still applicable. There is also an open issue https://github.com/parse-community/docs/issues/846 which should remove references to "restricted session".