Blog

Security

How to Use Access Control Policies to Manage Introspection

How to Use Access Control Policies to Manage Introspection

GraphQL APIs allow for introspection to view the schema. However, a best practice is to turn off introspection in production. Access Control policies allow for this.

Easy Attribute-based Access Control for any GraphQL API

Easy Attribute-based Access Control for any GraphQL API

GraphQL APIs are excellent for frontend developers, providing a simpler interface and more capabilities with a single request. However, this does raise security questions. Here we look at a StepZen feature designed to help address those security concerns.

This site uses cookies: By using this website, you consent to our use of cookies in accordance with our Website Terms of Use and Cookie Policy.