How to Reduce Security Risks in API Architectures: GraphQL Architecture Master Class
Carlos EberhardtSridhar Rajagopalan
You know how to secure REST endpoints. But are you worried about securing GraphQL? Is GraphQL less secure than REST? What do developers need to know? Should developers design the API first, secure it second? We hope you walk away with ideas and best practices for the ever-important topic of API security.
Handling Authentication in GraphQL with JWT and Auth0
The expiration of access tokens is a security feature of the OAuth Authorization process. Using a custom GraphQL directive, StepZen lets developers continuously keep these tokens secure and up to date.
Subscriptions across any backend, not just databases
Dan DebrunnerCharlie Kim
GraphQL supports subscriptions. StepZen makes it really easy, but unlike other systems, any query can be converted to a subscription. The query does not have to be against a single database. This blog describes how easy it is in StepZen to run subscriptions.
GraphQL Architecture Master Class: Build Quicker. Run Better.
We designed a GraphQL Architecture Master Class as a series of webinars to explore some of the issues, questions, and concerns we hear from developers and architects. We thank all of those we've worked with over the years - it is through exploring challenges and use cases that we distill tips, tricks, and perspectives. We hope you walk away with ideas and best practices for your GraphQL implementations.
Compose Data from Fauna and GitHub using GraphQL and StepZen
Today's app developer is fetching data from multiple sources - databases, APIs (first and third-party) - with all sorts of specifications. With GraphQL becoming popular to federate data, this post looks at how to compose data from Fauna and GitHub using GraphQL and StepZen.
Extending types For Data Modelling in GraphQL
GraphQL is very good at helping you compose your data from different data sources, and type extensions help you with data modeling. In this post, we'll look at how to use type extensions to model different data sources in GraphQL.
GraphQL vs. REST
GraphQL is a popular and feature-rich solution for accessing data and building APIs, but not every application needs it. What makes GraphQL stand out and how is it different from REST? When does it make sense to use which? Read on to find out.
Access Fast Operational Analytics with an Easily-built and Scalable GraphQL API using SingleStore and StepZen
Eric HansonBobbie Cochrane
SingleStore and StepZen are a powerful combination that simplifies data access for developers. Application programmers can use StepZen to quickly build and deploy a GraphQL API to deliver the fast operational analytics computed by SingleStoreDB.
Hiding Your API Credentials Client Side using a Proxy Server in React
When you're writing client-side code to make API requests, you might need a Proxy Server to hide your API Credentials. Let's see how to do this for a React application that uses Apollo Client and StepZen.
Turn Your StepZen GraphQL APIs into REST with Kong
GraphQL APIs are becoming the defacto API standard. But what if you want to use a GraphQL API in a legacy application that only supports REST? This blog post will show you how to use Kong to turn your StepZen GraphQL APIs into REST.
The Case for a Federated Data Access Layer with GraphQL
While data catalog and SQL federation have a role to play, GraphQL leads to faster time to value across a larger and heterogeneous set of backends.
Implementing Cursor-based Pagination For Every GraphQL API
Pagination maintains the application's efficiency by receiving data in subsequent requests. Let's see how it works in GraphQL and how to implement it using StepZen.
Generate a GraphQL API For Amazon RDS PostgreSQL With StepZen
With StepZen, you can build and deploy GraphQL APIs in the cloud, which works well for other cloud-based services, such as an AWS RDS PostgreSQL database.
How to Deploy a GraphQL API in a Contained Environment with StepZen and Docker Compose
How to orchestrate a StepZen-based application together with its dependent data source and the StepZen service providing the GraphQL API endpoint services using Docker Compose.
GraphQL as the New API Gateway?
GraphQL gives you many of the benefits you get from an API gateway at no additional cost. Then why is using GraphQL as the API gateway in your API architecture not yet very common? Let's explore the tradeoffs.
Join us for Hacktoberfest 2022 by contributing to StepZen
Hacktoberfest 2022 is about to start! Join us for the latest edition of Hacktoberfest by contributing to StepZen. Contributors will receive StepZen goodies and Hacktoberfest swag.
How to Cache GraphQL Requests Using Kong and StepZen
In this post we will go over the challenges of caching a GraphQL API and how an API gateway can help with this. By using Kong as an API gateway for StepZen GraphQL APIs
Using StepZen to Power the StepZen CLI
Ongoing change in the StepZen backend data model made our existing REST API obsolete. Instead of rewriting the REST API to match the backend changes, we built a GraphQL API on top of a PostgreSQL database to match the new backend data model.
Announcing Local Development of StepZen GraphQL APIs with Docker
Announcement! Everyone can now locally develop GraphQL APIs with Docker.
How to Use Access Control Policies to Manage Introspection
GraphQL APIs allow for introspection to view the schema. However, a best practice is to turn off introspection in production. Access Control policies allow for this.
GraphQL Optimization: Batching and Combining Requests
Dan DebrunnerBobbie Cochrane
We'll wrap up our series on GraphQL optimization techniques with a focus on how to employ batch and combine techniques for minimizing backend requests when an application is using GraphQL.
How is GraphQL Different from Programming Languages? Part2
Even if not a programming language itself, GraphQL servers and clients depend on a programming language. This second of two posts continues an argument that the GraphQL spec needs to support some features found in programming languages.
GraphQL Makes Data Liquid — What It Means for Data Protection
GraphQL makes enterprise data “liquid” from a consumption perspective. But with such liquidity comes the possibility of opening new vulnerabilities. In this article, we explore challenges for data rights, data protection, and data sovereignty and describe mechanisms that can mitigate them.
StepZen Dashboard: New sample queries and other improvements
The StepZen Dashboard is your go-to portal for assessing your GraphQL endpoints and the resources to help you scale your endpoints. Today we're adding a couple of key new capabilities.