Join our newsletter

GraphQL 2023 Predictions

Shahar Binyamin·

What should you expect from GraphQL this year?

In short, a lot. We’re expecting a significant increase in the adoption of GraphQL throughout 2023. Companies are increasingly seeking a path to modernize the way they build and manage APIs; GraphQL is increasingly the answer.

Simply put, the benefits that GraphQL provides for developers (and users) have become too consequential to ignore. With GraphQL, developers can create APIs tailored to a client's specific needs, rather than being limited to a fixed set of endpoints. That GraphQL benefit has always been there, but as the technology has grown up, so has the development of GraphQL frameworks and tools supporting teams in their API modernization initiatives. These tools are making it far easier for organizations to work with GraphQL and, just as significantly, increasingly sophisticated solutions are being developed to support GraphQL at greater scale.

In addition to the continuous development of GraphQL frameworks and tools, we expect to see further refinement of the GraphQL specification and its ecosystem in the coming year. The GraphQL community is growing rapidly—accelerated by the work of the GraphQL Foundation—and this will lead to an increased focus on the specification (as well as the tools that support it).

As GraphQL becomes more widely adopted, there will also be an increased focus on security. Like other developer-driven movements, GraphQL posed new and urgent security and management challenges as enterprises use it at scale. Among these hurdles are protecting against GraphQL injection attacks, rate limiting, and developing best practices to prevent these attacks.

In 2023, we expect to see a significant increase in the use of dedicated and sophisticated security solutions that can handle GraphQL and the sensitive data that it often handles—such as financial and medical information, along with other types of personally identifiable information. (This isn’t just good practice—getting it right is mandatory to achieve regulatory compliance mandates.) These purpose-built GraphQL solutions and tools will be increasingly necessary as mainstream firewalls and intrusion detection systems struggle to keep up with the rapid evolution of GraphQL.

GraphQL is maturing, the technologies supporting it are maturing, and 2023 will be a particularly significant year for the API query language. It’s an exciting time, but teams and their organizations need to have their plan for GraphQL-at-scale—and the right tools—ready to go.