Neo4j Graphql Skill
Stand up a secured GraphQL API on Neo4j with @neo4j/graphql typeDefs, relationships, Cypher directives, and OGM access.
Overview
neo4j-graphql-skill is an agent skill for the Build phase that configures a Neo4j-backed GraphQL API with @neo4j/graphql directives, auth, OGM, and Apollo integration.
Install
npx skills add https://github.com/neo4j-contrib/neo4j-skills --skill neo4j-graphql-skillWhat is this skill?
- Neo4jGraphQL constructor, getSchema(), and assertIndexesAndConstraints() setup
- @node, @relationship (IN/OUT/UNDIRECTED), and @cypher custom resolver directives
- @authorization and @authentication for JWT/JWKS field security
- Auto-generated queries/mutations plus OGM programmatic access (bypasses GraphQL auth)
- Subscriptions via CDC and Apollo Federation notes for @neo4j/graphql v7 (current) and v5 (LTS)
- Documents @neo4j/graphql v7 (current) and v5 (LTS)
- Skill version 1.0.1 in frontmatter
Adoption & trust: 1 installs on skills.sh; 80 GitHub stars; 2/3 security scanners passed (skills.sh audits); trending (+100% hot-view momentum).
What problem does it solve?
You have a Neo4j graph but no consistent GraphQL layer with relationships, custom Cypher fields, and JWT-aware authorization.
Who is it for?
Builders shipping graph-backed SaaS or internal tools who want declarative GraphQL over Neo4j instead of hand-rolled resolvers for every edge.
Skip if: Spring Data Neo4j entity mapping (use neo4j-spring-data-skill) or workloads that only need ad-hoc Cypher without a GraphQL surface.
When should I use this skill?
When creating a GraphQL API from Neo4j with @neo4j/graphql, writing typeDefs with @relationship/@cypher/@authorization, using OGM, or wiring Neo4j to Apollo Server.
What do I get? / Deliverables
You leave with typeDefs, schema generation steps, index/constraint checks, and integration patterns for Apollo Server and programmatic OGM access.
- GraphQL typeDefs with Neo4j directives and relationship mappings
- Schema bootstrap with indexes/constraints and auth configuration notes
Recommended Skills
Journey fit
GraphQL-on-graph modeling is canonical Build work because you implement the API layer before Ship testing and Launch distribution. Backend subphase fits schema design, resolvers, auth directives, and Apollo Server wiring—not raw Cypher-only scripts.
How it compares
Skill package for @neo4j/graphql API design—not a hosted Neo4j Aura substitute or a generic REST CRUD generator.
Common Questions / FAQ
Who is neo4j-graphql-skill for?
Solo and small-team developers exposing Neo4j through GraphQL with Neo4j’s official library and Apollo-style servers.
When should I use neo4j-graphql-skill?
Use it in Build (backend) when creating a GraphQL API from a graph schema, writing @relationship/@cypher/@authorization typeDefs, or configuring OGM and subscriptions.
Is neo4j-graphql-skill safe to install?
Review the Security Audits panel on this page; the skill may use Bash and WebFetch and touches auth secrets for JWT/JWKS configuration.
SKILL.md
READMESKILL.md - Neo4j Graphql Skill
> **Status: Draft / WIP** # neo4j-graphql-skill Guides agents through building a GraphQL API on Neo4j with the Neo4j GraphQL Library: type definitions, @relationship, @cypher directive, @authorization, and OGM usage. **Install:** ```bash npx skills add https://github.com/neo4j-contrib/neo4j-skills --skill neo4j-graphql-skill ``` Or paste this link into your coding assistant: https://github.com/neo4j-contrib/neo4j-skills/tree/main/neo4j-graphql-skill --- name: neo4j-graphql-skill description: Build and configure a GraphQL API backed by Neo4j using @neo4j/graphql v7 (current) or v5 (LTS). Covers Neo4jGraphQL constructor, getSchema(), assertIndexesAndConstraints(), type definitions with @node, @relationship (IN/OUT/UNDIRECTED), @cypher for custom resolvers, @authorization/@authentication for JWT/JWKS security, auto-generated queries/mutations, OGM programmatic access, subscriptions via CDC, and Apollo Federation. Use when writing typeDefs, securing fields, or wiring Neo4j to Apollo Server. Does NOT handle raw Cypher outside resolvers — use neo4j-cypher-skill. Does NOT cover Spring Data Neo4j entity mapping — use neo4j-spring-data-skill. version: 1.0.1 allowed-tools: Bash WebFetch --- ## When to Use - Creating a GraphQL API from a Neo4j graph schema with `@neo4j/graphql` - Writing type definitions with `@relationship`, `@cypher`, `@authorization` directives - Using OGM for server-side programmatic Neo4j access (bypasses GraphQL auth) - Configuring auto-generated queries, mutations, subscriptions - Securing types/fields with JWT or JWKS-based `@authorization` rules - Migrating from v5/v6 to v7 (breaking changes below) ## When NOT to Use - **Raw Cypher queries outside GraphQL resolvers** → `neo4j-cypher-skill` - **Spring Data Neo4j / Java entity mapping** → `neo4j-spring-data-skill` - **Generic GraphQL without Neo4j** — outside scope --- ## Version Matrix | Version | Status | Notes | |---|---|---| | v7 | Current | `@node` required; `options` removed; explicit `eq` syntax | | v5 | LTS | Older syntax; `options: {limit, offset, sort}` still valid | Default to v7 unless codebase is on v5. --- ## Step 1 — Install ```bash npm install @neo4j/graphql neo4j-driver graphql @apollo/server ``` For subscriptions (CDC required): ```bash npm install ws graphql-ws express body-parser cors ``` --- ## Step 2 — Minimal Server Setup ```javascript import { ApolloServer } from '@apollo/server'; import { startStandaloneServer } from '@apollo/server/standalone'; import { Neo4jGraphQL } from '@neo4j/graphql'; import neo4j from 'neo4j-driver'; const typeDefs = `#graphql type Movie @node { id: ID! @id title: String! actors: [Person!]! @relationship(type: "ACTED_IN", direction: IN) } type Person @node { id: ID! @id name: String! movies: [Movie!]! @relationship(type: "ACTED_IN", direction: OUT) } `; const driver = neo4j.driver( process.env.NEO4J_URI, neo4j.auth.basic(process.env.NEO4J_USERNAME, process.env.NEO4J_PASSWORD) ); const neoSchema = new Neo4jGraphQL({ typeDefs, driver }); // assertIndexesAndConstraints syncs @id → UNIQUE constraints; wrap in try/catch await neoSchema.assertIndexesAndConstraints({ options: { create: true } }); const server = new ApolloServer({ schema: await neoSchema.getSchema() }); const { url } = await startStandaloneServer(server, { context: async ({ req }) => ({ token: req.headers.authorization }), listen: { port: 4000 }, }); ``` `assertIndexesAndConstraints` throws if constraints missing. Use `{ create: true }` to auto-create, or run `CREATE CONSTRAINT` manually and retry. --- ## Key Directives ### @node (v7 required) Every GraphQL type representing a Neo4j node must have `@node`. Without it, v7 ignores the type. ```graphql type Product @node { id: ID! @id name: String! } # Custom label (default = type name) type Article @node(labels: ["Post", "Content"]) { title: String! } ``` ### @relationship — Full Syntax ```graphql type Person @node