Just a quick question (for when we eventually move to Prisma 2/3/++) - if a prisma node is in a managed, serverless environment (like GCP Cloud Run), and we want to protect access using mechanisms there, then it (currently at least) requires that the prisma client in the application node is able to set additional authorization headers. In prisma1 it is not possible to do this, and an additional issue is that Google IAM also prefers the Authorization: Bearer token way, so there is a conflict if one wants to both secure the perimeter and the application-to-prisma authorization. So I think prisma should have the ability to 1) set/add headers to the request to be processed by proxies or whatever in front of the prisma node 2) ability to customize which headers prisma uses, e.g. it could add --x-prisma-authorization: Bearer token as an alternative (at least until some RFC comes along to handle this situation (if it didn't already))

In this case, the only way I see is protecting the endpoints as Prisma isn’t a service anymore but an ORM. A feature request here would be great though explaining your use case.

Hmm, a good point. I think I need to architect that future solution before I know exactly what to ask for 🙂