Harden your supergraph with GraphOS and the GraphOS Router's latest security features. We'll cover best practices for securing your graph using the defense-in-depth strategy, including field protection, operation complexity, authentication, query validation, and more.
What you'll learn
- How to protect sensitive fields
- How to control and limit operation complexity
- How to reject unknown queries using automatic persisted queries (APQs)
- How to authenticate and authorize declaratively in schemas (using @authenticated and @requiresScopes directives)
Who this workshop is for
- API developers and platform engineers.
⚠️ Before the workshop...
If you have any questions or run into any issues with the workshop prep, send us an email at summit@apollographql.com. You can also hop on to the Apollo Discord group in the #summit-workshops channel, or scroll to the end of the page to leave a comment. We're here to help!
You will need the following:
You will also need:
Clone the repo locally
- Clone the repo: git clone TODO
- Open it up in your code editor.
- Run npm install in a terminal.
- Run npm run dev. This starts up the server in development mode, which means changes you make in your files will automatically restart the server. If all goes well, when you open up http://localhost:4001, you should see Sandbox Explorer! Feel free to play around with the schema if you're curious, but we'll go over it at the workshop!