Securing Your

Graph

Eve Porcello

eve@moonhighway.com

@eveporcello

Agenda

Monitoring Graph Security
Auth Techniques
Persisted Queries
Demand Control + Query Limits
Contracts

Agenda

1:30pm - Start
2:20 - 2:30 - Break
3:30 - 3:40 - Break
4:30 - End

Goals for today

Employ security best practices
Learn from others and share your experiences

query {
  cat(name: "Biscuit") {
    name
    location
    birthLocation
    weight
    gpa
    astrologicalSign
    hangingInThere
    bicyclePreference
    isADentist
    knowsADentist
    siblings {
      name
      location
    }
  }
}

query {
  cat(name: "Biscuit") {
    name
    location
    birthLocation
    
    
    
    
    
    
    
    
    
    
    
  }
}

{ }

Query

Response

Supergraph

(Router)

Reviews

Colors

Accounts