GraphQL Security with schema-based access control and introspection separation

security

security_1_introspection

[No, you don’t need to disable introspection](https://inigo.io/blog/you-dont-need-to-disable-introspection). With RBAC Introspection separation, access
control can be completely enforced at the edge. Users gain schema visibility only to 
allowed operations, types, and fields. Learn more about Inigo’s schema-based access control.

## Introspection separation

security_2_query_protection

DoS is the name of the game. Ensure the right security knobs are in 
place to protect against query-based DoS attacks.  

## Query protection

security_3_access_control.svg

security_3_schema_access_control

Keep resolvers clean and tight. Move from complex logic to role-based declarative 
configuration. Easy to maintain and manage during the development lifecycle.

## Schema-based Access Control

security_4_injections

GraphQL injections manifest themself in many ways. Stay guarded against data manipulation and data leaks with input validation across any free-form text.

## Protection from Injections

security_5_compliance

Stay compliant with security audits and regulations. Provable security and easily-accessible reports  ensure your next certificate.

## Meet Compliance Mandates

GraphQL Security

Inigo

What's Inigo?

GQL Platform

Security

Analytics

Rate Limiting

Schema Validation

Developers

Deployment

Playground Documentation 

Resources

About us

Blog

Platform

header_security.svg

GQL Security 

header_analytics.svg

GQL Analytics

header_ops.svg

GQL Rate Limiting

header_schema.svg

header_agnostic.svg

header_github.svg

Documentation

header_slack.svg

Join Slack

About

Blog 

home

analytics

rate_limiting

schema

deployment

KubeCon-NA-2022

about

Platform

Developers

About

Blog

Login

Introspection separation

Query protection

Schema-based Access Control

Protection from Injections

Meet Compliance Mandates

Inigo

GQL Platform

Developers

Resources