On-Demand Webinar

Rate-Limiting GQLs Using Depth and Complexity Analysis

Wednesday, September 16, 2020

GraphQL is gaining popularity due to the flexibility associated with its usage. Since different users will have different query requirements, GraphQL APIs require rate limiting policies that provide users the flexibility to query required data whilst protecting itself from being overwhelmed.

When using GraphQL APIs, its declarative nature of data retrieval enables users to query the exact amount of data required without under fetching or over fetching. Since different queries have different data load and computational complexities, using traditional request count based rate-limiting policies is ill-suited for GraphQL APIs. When enforcing rate-limiting policies to these APIs it is imperative to ensure that it will not hinder the user’s ability to query data. This can be achieved by categorizing users based on their query requirements and introducing rate-limiting policies for each category based on the depth and complexity of their query requirement. WSO2 API Manager consists of a Static Query Analyser which can enforce rate limiting to GraphQL APIs using both depth and complexity analysis.

By attending this webinar, you will get a hands-on understanding of how you can protect GraphQL backends using rate limiting.

During the webinar, we will cover:
  • An introduction to GraphQL
  • Securing GraphQL APIs using rate limiting
  • Live demo
Who should attend:
  • API Developers
  • Full-stack developers

Presented by

Fazlan Nazeem

Fazlan Nazeem

Associate Technical Lead, WSO2

Fazlan Nazeem is an associate technical lead in the WSO2 API Manager team. He is a contributor to the Apache Spark project and the PMML specification. Fazlan has been involved in numerous customer engagements and provided consultancy to WSO2 customers.

Ruwini Wijesiri

Ruwini Wijesiri

Senior Software Engineer, WSO2

Ruwini Wijesiri is a senior software engineer in the WSO2 API Manager team. She is currently involved with WSO2 API Manager Analytics development.