Security

Securing your GraphQL API is a top priority for everyone. Grafbase provides a number of security features to protect your API from malicious actors. This summary will walk you through the security features available on Grafbase.

One of the most common attacks malicious actors do to GraphQL APIs is sending complex and deeply nested queries to overload the server and/or database. Operation Limits allows you to protect your GraphQL API from these types of attacks.

Trusted Documents is a security feature that allows you to restrict the queries and mutations that can be executed on your GraphQL API. Trusted Documents allow you to define a list of trusted documents that can be executed on your GraphQL API.

Rate Limiting is a well known strategy used to protect against load spikes, or malicious traffic by defining a set of conditions that enforce limits against incoming traffic.

Was this page helpful?