GraphQL is gaining popularity due to the flexibility associated with its usage. Since different users will have different query requirements, GraphQL APIs require rate limiting policies that provide users the flexibility to query required data whilst protecting itself from being overwhelmed.
When using GraphQL APIs, its declarative nature of data retrieval enables users to query the exact amount of data required without under fetching or over fetching. Since different queries have different data load and computational complexities, using traditional request count based rate-limiting policies is ill-suited for GraphQL APIs. When enforcing rate-limiting policies to these APIs it is imperative to ensure that it will not hinder the user’s ability to query data. This can be achieved by categorizing users based on their query requirements and introducing rate-limiting policies for each category based on the depth and complexity of their query requirement. WSO2 API Manager consists of a Static Query Analyser which can enforce rate limiting to GraphQL APIs using both depth and complexity analysis.
By attending this webinar, you will get a hands-on understanding of how you can protect GraphQL backends using rate limiting.