Carlos Eberhardt
Sridhar RajagopalanYou know how to secure REST endpoints. But are you worried about securing GraphQL? Is GraphQL less secure than REST? What do developers need to know? Should developers design the API first, secure it second? We hope you walk away with ideas and best practices for the ever-important topic of API security.
Samuel HillThe expiration of access tokens is a security feature of the OAuth Authorization process. Using a custom GraphQL directive, StepZen lets developers continuously keep these tokens secure and up to date.
Dan Debrunner
Charlie KimGraphQL supports subscriptions. StepZen makes it really easy, but unlike other systems, any query can be converted to a subscription. The query does not have to be against a single database. This blog describes how easy it is in StepZen to run subscriptions.
Helen WhelanWe designed a GraphQL Architecture Master Class as a series of webinars to explore some of the issues, questions, and concerns we hear from developers and architects. We thank all of those we've worked with over the years - it is through exploring challenges and use cases that we distill tips, tricks, and perspectives. We hope you walk away with ideas and best practices for your GraphQL implementations.
Roy DerksToday's app developer is fetching data from multiple sources - databases, APIs (first and third-party) - with all sorts of specifications. With GraphQL becoming popular to federate data, this post looks at how to compose data from Fauna and GitHub using GraphQL and StepZen.
Roy DerksGraphQL is very good at helping you compose your data from different data sources, and type extensions help you with data modeling. In this post, we'll look at how to use type extensions to model different data sources in GraphQL.
Viktor LukashovGraphQL is a popular and feature-rich solution for accessing data and building APIs, but not every application needs it. What makes GraphQL stand out and how is it different from REST? When does it make sense to use which? Read on to find out.
Eric Hanson
Bobbie CochraneSingleStore and StepZen are a powerful combination that simplifies data access for developers. Application programmers can use StepZen to quickly build and deploy a GraphQL API to deliver the fast operational analytics computed by SingleStoreDB.
Roy DerksWhen you're writing client-side code to make API requests, you might need a Proxy Server to hide your API Credentials. Let's see how to do this for a React application that uses Apollo Client and StepZen.
Roy DerksGraphQL APIs are becoming the defacto API standard. But what if you want to use a GraphQL API in a legacy application that only supports REST? This blog post will show you how to use Kong to turn your StepZen GraphQL APIs into REST.
Anant JhingranWhile data catalog and SQL federation have a role to play, GraphQL leads to faster time to value across a larger and heterogeneous set of backends.
Roy DerksPagination maintains the application's efficiency by receiving data in subsequent requests. Let's see how it works in GraphQL and how to implement it using StepZen.
Roy DerksWith StepZen, you can build and deploy GraphQL APIs in the cloud, which works well for other cloud-based services, such as an AWS RDS PostgreSQL database.
Johannes ErikssonHow to orchestrate a StepZen-based application together with its dependent data source and the StepZen service providing the GraphQL API endpoint services using Docker Compose.
Roy DerksGraphQL gives you many of the benefits you get from an API gateway at no additional cost. Then why is using GraphQL as the API gateway in your API architecture not yet very common? Let's explore the tradeoffs.
Roy DerksHacktoberfest 2022 is about to start! Join us for the latest edition of Hacktoberfest by contributing to StepZen. Contributors will receive StepZen goodies and Hacktoberfest swag.
Roy DerksIn this post we will go over the challenges of caching a GraphQL API and how an API gateway can help with this. By using Kong as an API gateway for StepZen GraphQL APIs
Viktor LukashovOngoing change in the StepZen backend data model made our existing REST API obsolete. Instead of rewriting the REST API to match the backend changes, we built a GraphQL API on top of a PostgreSQL database to match the new backend data model.
Roy DerksAnnouncement! Everyone can now locally develop GraphQL APIs with Docker.
Charlie KimGraphQL APIs allow for introspection to view the schema. However, a best practice is to turn off introspection in production. Access Control policies allow for this.
Dan DebrunnerBobbie CochraneWe'll wrap up our series on GraphQL optimization techniques with a focus on how to employ batch and combine techniques for minimizing backend requests when an application is using GraphQL.
Leonardo LosovizEven if not a programming language itself, GraphQL servers and clients depend on a programming language. This second of two posts continues an argument that the GraphQL spec needs to support some features found in programming languages.
Anant JhingranGraphQL makes enterprise data “liquid” from a consumption perspective. But with such liquidity comes the possibility of opening new vulnerabilities. In this article, we explore challenges for data rights, data protection, and data sovereignty and describe mechanisms that can mitigate them.
Samuel HillThe StepZen Dashboard is your go-to portal for assessing your GraphQL endpoints and the resources to help you scale your endpoints. Today we're adding a couple of key new capabilities.
Dan DebrunnerBobbie CochraneIn Part 3 of our GraphQL Optimization series, we'll focus on two well-known techniques - caching and prefetching - as how we think about them in the context of GraphQL optimization.