GraphQL Federation has historically been constrained by the complexities of managing subgraphs, custom integrations, and infrastructure overhead. While existing solutions provide ways to unify GraphQL APIs, they still require significant operational effort. Until now.
We’re excited to introduce Grafbase Extensions, a powerful new way to customize and enhance your GraphQL APIs without the hassle of building and maintaining additional infrastructure. With WebAssembly-powered extensions, you can federate any API, database, or service into your GraphQL schema, whether it’s REST, gRPC, or Kafka. With Extensions, you can bring in any authentication (e.g. OpenID connect) or custom authorization logic directly into the gateway.
Federating GraphQL traditionally involves custom subgraphs, dedicated infrastructure, and deep integration with the gateway. This process is time-consuming and limits the flexibility of teams to quickly adapt to new data sources.
Grafbase Extensions remove the need for custom subgraphs and allow developers to federate any API or database using GraphQL directives. This means:
- No additional infrastructure needed
- No GraphQL subgraphs required
- Integrate with any data source or service
Whether you need custom authentication, authorization, caching, or event streaming, you can either install an existing extension from the Extension Marketplace or build your own with the Grafbase SDK.
Grafbase Extensions are WebAssembly modules built with a first-class Rust SDK and designed to run natively within the Grafbase gateway. The host interface uses the WASI 0.2 (soon 0.3) standard. This approach ensures:
- Native performance - No additional overhead
- Seamless gateway integration - No extra middleware required
- Secure execution - Thanks to WebAssembly sandboxing
- Federate non-GraphQL APIs: REST, gRPC, SOAP, and more
- Connect directly to databases: Postgres, MySQL, MongoDB, Snowflake, and more
- Event streaming: Kafka, NATS, Redis, and more
- Custom field-level authorization: Define fine-grained permissions
- Arbitrary I/O: With fine-grained per-extension permissions
- Secure execution: WebAssembly-powered sandboxing
- Choose an extension from the Extensions Marketplace
- Follow the instructions on the extension's README page
- Deploy & start querying your API
Grafbase Extensions allow you to build custom authentication, authorization, caching, or event streaming.
Steps to build an extension:
- Define your extension logic
- Package it using WebAssembly
- Deploy & test with the Grafbase CLI
Learn more in the Extensions documentation
We are just getting started with Grafbase Extensions and we look forward to seeing what the community builds.
Here's what the current roadmap includes:
- Authentication - OpenID Connect
- Authorization – OAuth 2.0, SpiceDB, OPA
- Streaming – Kafka, S2, Redis
- Databases – Postgres, MySQL, MongoDB, SQLite
- Caching – Memcached
Want to contribute an extension? Check out this guide.
Grafbase Extensions are available now, and we can’t wait to see what you build!
Federation should be flexible, not frustrating. With Grafbase Extensions, you get the freedom to customize, integrate, and extend your GraphQL APIs like never before—all without managing subgraphs.
We’d love your feedback! What extensions would you like to see? Drop us a comment or join the conversation on Discord.