Query Protection

Real-time protection

Real-time protection helps prevent data tampering, malicious traffic and slow or unresponsive API responses, improving the performance and responsiveness of the API.

Spec abuse/query protection

DoS is the name of the game. Ensure the right security knobs are in place to protect against query-based DoS attacks.

Injections

GraphQL's complex, nested payloads widen the surface through which attackers can inject malicious input and compromise the underlying system.

Properly validate and sanitize any user-supplied input in a GraphQL API to prevent injection attacks.
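As an added example of the validation the paragraph above calls for (not Inigo's code and not from the original page): a resolver that splices a GraphQL string argument straight into SQL, beside a hardened version that validates the argument and binds it as a query parameter. The in-memory `users` table, the sample rows and the resolver names are constructed for the demonstration.

```python
import sqlite3

MAX_NAME_LEN = 64  # constructed bound for the 'name' argument


def make_db():
    """Constructed in-memory database standing in for the API's backing store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def resolve_user_unsafe(conn, name):
    """Vulnerable resolver: the GraphQL argument becomes part of the SQL text,
    so a crafted 'name' changes the WHERE clause instead of matching a user."""
    sql = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def resolve_user(conn, name):
    """Hardened resolver: reject arguments of the wrong type, empty or over-long,
    then pass the value as a bound parameter so it can only ever be data."""
    if not isinstance(name, str) or not name or len(name) > MAX_NAME_LEN:
        raise ValueError("invalid name argument")
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(resolve_user(db, "alice"))  # only alice's row, whatever the argument contains
```

The two resolvers accept the same `name` argument; the difference is that the hardened one never lets the argument alter the statement, and additionally enforces a length bound so an oversized string is rejected before it reaches the database.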

Access Control

Introspection separation

No, you don't need to disable introspection. With RBAC-based introspection separation, access control can be enforced completely at the edge: users gain schema visibility only for the operations, types, and fields they are allowed to use. Learn more about Inigo's schema-based access control.

Schema-based access control

Keep resolvers clean and tight by moving access-control logic out of complex resolver code into role-based declarative configuration that is easy to maintain and manage throughout the development lifecycle.

Rate Limiting

Object-based Rate Limiting

We found that the most robust way to think about GraphQL Rate Limiting is by looking at the server’s consumption and its real usage. The Inigo platform does this by counting each query’s requested objects and returned objects against a time frame limit (e.g. 1,000 objects per minute). By using object-based rate limiting, your server can be protected against potential performance degradation, while still allowing for a flexible and efficient use of the API.
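The following is an added example, not Inigo's code and not from the original page, of the two ideas above: the query-based DoS knobs under "Spec abuse/query protection" and the object-based rate limiting described here. It walks a GraphQL selection set to count requested objects and nesting depth, counts the objects a response actually returned, and keeps a per-client sliding-window budget measured in objects rather than requests. The depth limit is an assumed knob used for illustration, not a setting the page names; the walker assumes a well-formed query without fragments or directives (a production gateway would use a real GraphQL parser), and the client ids, limits and sample queries are constructed.

```python
import re
import time
from collections import defaultdict, deque

# Identifiers plus the braces and colons that delimit selection sets and aliases.
_TOKEN = re.compile(r"[{}:]|[A-Za-z_][A-Za-z0-9_]*")


def analyze_query(query):
    """Return {'objects': n, 'depth': d}: the number of field selections in the
    query (each is an object the server must resolve) and the deepest nesting
    of selection sets. Assumes no fragments or directives (constructed walker)."""
    # Drop argument lists and variable definitions so their punctuation is not walked.
    stripped = re.sub(r"\([^)]*\)", "", query)
    tokens = _TOKEN.findall(stripped)
    depth = max_depth = objects = 0
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok == "{":
            depth += 1
            max_depth = max(max_depth, depth)
        elif tok == "}":
            depth -= 1
        elif depth > 0:
            if i + 1 < len(tokens) and tokens[i + 1] == ":":
                i += 1  # 'alias: field': skip the alias, the field is counted next
            else:
                objects += 1
        i += 1
    return {"objects": objects, "depth": max_depth}


def count_returned_objects(data):
    """Count objects in a response payload, recursing into lists and nested
    fields, so a list field that fans out to many items is charged for every
    item it returned (the 'data' envelope itself counts as one object)."""
    if isinstance(data, dict):
        return 1 + sum(count_returned_objects(v) for v in data.values())
    if isinstance(data, list):
        return sum(count_returned_objects(v) for v in data)
    return 0


class ObjectRateLimiter:
    """Per-client sliding-window budget of objects per window (e.g. 1,000/minute)."""

    def __init__(self, limit, window_seconds, max_depth, clock=time.monotonic):
        self.limit = limit
        self.window = window_seconds
        self.max_depth = max_depth  # assumed depth knob, not a page-named setting
        self.clock = clock
        self._events = defaultdict(deque)  # client -> deque of (timestamp, objects)

    def used(self, client):
        """Objects charged to the client inside the current window."""
        now = self.clock()
        events = self._events[client]
        while events and now - events[0][0] >= self.window:
            events.popleft()  # expire entries that have left the window
        return sum(n for _, n in events)

    def admit(self, client, query):
        """Decide before execution: reject over-deep queries outright, then charge
        the requested object count against the window. Returns (allowed, reason)."""
        stats = analyze_query(query)
        if stats["depth"] > self.max_depth:
            return False, "depth %d exceeds %d" % (stats["depth"], self.max_depth)
        if self.used(client) + stats["objects"] > self.limit:
            return False, "object budget exhausted"
        self._events[client].append((self.clock(), stats["objects"]))
        return True, "ok"

    def charge_response(self, client, data):
        """Charge what the query actually returned once the response is known."""
        returned = count_returned_objects(data)
        self._events[client].append((self.clock(), returned))
        return returned


if __name__ == "__main__":
    limiter = ObjectRateLimiter(limit=1000, window_seconds=60, max_depth=8)
    print(limiter.admit("client-a", "{ user(id: 1) { id name posts { title } } }"))
```

Charging both sides matters: the requested count stops a client from flooding the server with heavy queries, while the returned count catches a small query whose list fields fan out to far more objects than the selection set suggests. Once the window expires, the budget is available again without any manual reset.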

Inbound object limits

Limit the number of requests that can be made against specific operations and mutations. This way, your server can be protected from being overwhelmed by a large number of requests for a single object, while still allowing for a reasonable amount of requests for other objects.

Data scraping protection

Analyze and evaluate each response to accurately detect any instances of data scraping or resource-heavy objects that could overload your system. This real-time, proactive approach protects your system against potential performance degradation, preserving its stability and reliability.

Get started with Inigo