16. Securing your graph: A defense-in-depth strategy

Harden your with and the 's latest security features. We'll cover best practices for securing your graph using the defense-in-depth strategy, including protection, complexity, authentication, validation, and more.

What you'll learn

  • How to protect sensitive s
  • How to control and limit complexity
  • How to reject unknown queries using ()
  • How to authenticate and authorize declaratively in schemas (using @authenticated and @requiresScopes)

Who this workshop is for

  • API developers and platform engineers.

⚠️ Before the workshop...

If you have any questions or run into any issues with the workshop prep, send us an email at summit@apollographql.com. You can also hop on to the Apollo Discord group in the #summit-workshops channel, or scroll to the end of the page to leave a comment. We're here to help!

You will need the following:

Pre-requisites list

You will also need:

Clone the repo locally

  1. Clone the repo

    git clone TODO
  2. Open it up in your code editor.

  3. Run npm install in a terminal.

  4. Run npm run dev. This starts up the server in development mode, which means changes you make in your files will automatically restart the server. If all goes well, when you open up http://localhost:4001, you should see Sandbox Explorer! Feel free to play around with the schema if you're curious, but we'll go over it at the workshop!

