Security, Governance, and Backups

How are backups performed? What is the backup frequency?

Structural information (metadata) is backed up daily via a snapshot for all plans starting from our Professional plan. The content databases support point-in-time recovery (PiTR). Point-in-time recovery allows restoring a database into a state it was at any point in time.

You can also create your own backups with a periodic frequency defined by you, and proceed to query all your content to be stored in your own S3 bucket or another service.

Do you provide Offsite backups?

Nightly (or more frequent) copies of your content can be created using the Hygraph Content API.

Do you provide Audit/Activity Logs?

Yes, they allow you to monitor schema and content changes.

What are Custom Roles?

With custom roles you have the ability to define customized permissions for collaborators.

Will my project be hosted on a shared or dedicated infrastructure?

Projects on Dedicated Infrastructure, an Enterprise service, can be hosted in every available region in the AWS global network. Contact us for more information.

Projects on Shared Infrastructures give you 9 options on which data centers to host your content in:

  • Australia (Sydney)
  • Brazil (São Paulo)
  • Canada (Montreal)
  • Germany (Frankfurt)
  • India (Mumbai)
  • Japan (Tokyo)
  • US East (North Virginia)
  • US West (Oregon)
  • United Kingdom (London)

When creating a new project, you can select which of these locations best suits your project.

Do you offer Service Level Agreements?

Yes. Hygraph offers enterprise-grade service level agreements. We offer service uptime guarantees of up to 99.95%. Our support response time guarantees can be for as low as 30 minutes for critical issues. Reach out to our sales team for details.

What is a Development Environment?

For improved team collaboration and a more efficient and secure development workflow, you can build your project with multiple development environments. Development environments reflect changes to your project schema but not to your content (see Content Staging).

What are System Tokens?

System tokens can have different grants meant for internal tools e.g. for scripts periodically dumping data, for connecting a legacy CMS, or for importing/exporting data.

Do you provide a reversibility plan for your clients’ data?

Using a headless CMS means having a content exit strategy in place all the time. As any content can be fetched via the API in a JSON format, you can pull out your data at any time. There is no vendor lock-in with Hygraph.

Is it possible to connect Hygraph to a company’s SSO and manage several roles with different permission levels?

Yes, this can be configured. Our user authentication system Auth0 is able to handle this. Auth0 supports the main industry standards such as SAML, WS-Fed, and OAuth 2.0 (OpenID Connect is based on OAuth 2.0) so you can hook any third-party application that you need.

Is the content exposed through my Hygraph project API secured?

All endpoints of projects have an SSL certificate issued and are kept renewed.