Login 24/7 Support Community tyk.io

3. Mutations

Now that we have stitched are Query fields to appropriate datasources, doing the same for Mutations should be quite similar.

1. Extend Schema

Well extend our schema to add and delete the review. In the schema tab replace your Mutation type with follows and update the API.

type Mutation {
  addReview(text: String, userId: String): Review
  deletReview(reviewId: String): String

Here, addReview would expect text and userId as arguments which we’d use to make a POST request to our Review service.

2. Attach datasource.

  • Navigate to datasources section in your schema tab and select addReview field.
  • Set type as REST
  • Set url to http://localhost:4001/reviews
  • Set name to addReview
  • Select method as POST
  • Set headers (optional)
  • Keep field mapping disabled

3. Add arguments to POST body (request payload).

You can use the templating syntax to relay arguments to POST body as follows

    "text": "{{.arguments.text}}",
    "userId": "{{.arguments.userId}}"

Click on “Update Field and Data Source” and update the API

4. Execute a mutation operation

We can now test our mutation operation with the playground in API designer using the following query

mutation AddReview {
  addReview(text: "review using udg", userId:"1"){

which should return us following response.

  "data": {
    "addReview": {
      "id": "e201e6f3-b582-4772-b95a-d25199b4ab82",
      "text": "review using udg"


Configure a datasource to delete a review using review id.


- For users field on type Review
- - Description :: delete review using reviewId
- - URL :: http://localhost:4001/reviews/:reviewId
- - Method :: DELETE

- Enable field mapping to map your API response 


You can find the solution for the challenge in the above video.

Now that we have a good idea how we could do CRUD operations with UDG APIs, let’s see how we can secure them using policies