APOC Full can be installed with
Neo4j Desktop
, after creating your database, by going to the
Manage
screen, and then the
Plugins
tab.
Click
Install
in the APOC box and wait until you see a green check mark near "APOC".
Since APOC relies on Neo4j’s internal APIs you need to use the
matching APOC version
for your Neo4j installaton.
Make sure that the
first two version numbers match between Neo4j and APOC
.
Go to
the latest release
for
Neo4j version 4.4
and download the binary jar to place into your
$NEO4J_HOME/plugins
folder.
You can find
all releases here
.
After you move the jar file to the plugins folder you have to restart neo4j with
neo4j restart
Since APOC relies on Neo4j’s internal APIs, you need to use the right APOC version for your Neo4j installation.
APOC uses a consistent versioning scheme:
<neo4j-version>.<apoc>
version.
The trailing
<apoc>
part of the version number will be incremented with every apoc release.
The version compatibility matrix explains the mapping between Neo4j and APOC versions:
The apoc version (<APOC_VERSION>) and the Neo4j DBMS versions [NEO4J_VERSION] are incompatible.
See the compatibility matrix in https://neo4j.com/labs/apoc/4.4/installation/ to see the correct version
APOC Full can be used with the
Neo4j Docker image
via the
NEO4JLABS_PLUGINS
environment variable.
If we use this environment variable, the APOC plugin will be downloaded and configured at runtime.
The following runs Neo4j 4.0 in a Docker container with the latest version of the APOC Library
docker run \
-p 7474:7474 -p 7687:7687 \
-v $PWD/data:/data -v $PWD/plugins:/plugins \
--name neo4j-apoc \
-e NEO4J_apoc_export_file_enabled=true \
-e NEO4J_apoc_import_file_enabled=true \
-e NEO4J_apoc_import_file_use__neo4j__config=true \
-e NEO4JLABS_PLUGINS=\[\"apoc\"\] \
neo4j:4.0
We should see the following two lines in the output after running this command:
Fetching versions.json for Plugin 'apoc' from https://neo4j-contrib.github.io/neo4j-apoc-procedures/versions.json
Installing Plugin 'apoc' from https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/4.4.0.20/4.4.0.20-all.jar to /plugins/apoc.jar
In a production environment we should download the APOC release matching our Neo4j version and, copy it to a local folder, and supply it as a data volume mounted at
/plugins
.
The following downloads the APOC Library into the
plugins
directory and then mounts that folder to the Neo4j Docker container
mkdir plugins
pushd plugins
wget https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/4.4.0.20/apoc-4.4.0.20-all.jar
docker run --rm -e NEO4J_AUTH=none -p 7474:7474 -v $PWD/plugins:/plugins -p 7687:7687 neo4j:4.4
If you want to pass custom apoc config to your Docker instance, you can use environment variables, like here:
docker run \
-p 7474:7474 -p 7687:7687 \
-v $PWD/data:/data -v $PWD/plugins:/plugins \
--name neo4j-apoc \
-e NEO4J_apoc_export_file_enabled=true \
-e NEO4J_apoc_import_file_enabled=true \
-e NEO4J_apoc_import_file_use__neo4j__config=true \
neo4j
The APOC library contains hundreds of procedures and functions.
It is not recommended to load all of these into the dbms, but instead use the principle of least privilege.
This principle dictates that only the procedures and functions necessary to execute the user’s workload should be
loaded.
The procedures and functions that should be loaded can be specified using the database configuration setting
dbms.security.procedures.allowlist
located in the
conf/neo4j.conf
file.
For example, to load
apoc.math.maxInt
and all functions in the
apoc.rel
package, use:
The default value of
dbms.security.procedures.allowlist
is to load all procedures and functions.
It is therefore recommended to override the setting with a minimum list of procedures required.
If no APOC functionality is required, then it is recommended to remove the APOC plugin altogether.
For security reasons, procedures and functions that use internal APIs are disabled by default.
In this case, it is also recommended to use the principle of least privilege and to only unrestrict those procedures and
functions which are certain to be used.
The procedures and functions that should be unrestricted can be specified using the database configuration setting
dbms.security.procedures.unrestricted
located in the
conf/neo4j.conf
file.
For example, to unrestrict
apoc.cypher.runFirstColumn
and all procedures and functions in the
apoc.cypher
package,
To unrestrict a whole package of APOC procedures and functions when using the Neo4j Docker container, it is possible
to do so via environment variables.
For example, to load all functions in the
apoc.cypher
package, users must add the following argument to the Docker run
command:
More information about loading and unrestricting procedures and functions can be found in the Neo4j
Securing Extensions
guidelines.
These dependencies are specifically not included in the APOC Core jar, but
can be added as separate jars as described
here
.
If the extra dependencies are not included, warnings will show in the debug log file (debug.log)
that can be ignored if the respective functionality is not needed.
An example of such a warning would be:
Failed to load `apoc.util.s3.S3URLConnection`
Join us for the biggest graph community conference dedicated to learning how to integrate graph technologies into ML and dev projects.
Save your spot
©
Neo4j, Inc.
Terms
|
Privacy
|
Sitemap
Neo4j
®
, Neo Technology
®
, Cypher
®
, Neo4j
®
Bloom
™
and
Neo4j
®
Aura
™
are registered trademarks
of Neo4j, Inc. All other marks are owned by their respective companies.
US: 1-855-636-4532
Sweden +46 171 480 113
UK: +44 20 3868 3223
France: +33 (0) 1 88 46 13 20
