SlideShare ist ein Scribd-Unternehmen logo

Deploying GraphQL Services as Managed APIs

WSO2
WSO2

GraphQL is an emerging query manipulation language for APIs. It is an open source runtime for querying and retrieving existing data in an optimal manner making applications more efficient. With the flexibility it offers over REST APIs, many organizations are now interested in and are adopting GraphQL applications widely. While GraphQL focuses on what it does best, backend developers still worry about ensuring their GraphQL services are exposed in a secure, controlled, monitored, and sometimes, even in a monetized environment. This is where an API gateway is useful as the middle layer to provide a significant value to GraphQL queries, mutations, and subscriptions. This slide deck will discuss the following: - An introduction to GraphQL - Why and when to use GraphQL APIs - Exposing GraphQL service as managed APIs: The necessity of an API Manager - Deploying a GraphQL service via WSO2 API Manager : Security, authentication, authorization, and rate-limiting - Invoking GraphQL APIs via the integrated GraphiQL UI in Developer Portal - GraphQL Analytics Watch the webinar on-demand here: https://wso2.com/library/webinars/deploying-graphql-services-as-managed-apis/

Technologie
1 von 38
Downloaden Sie, um offline zu lesen
Deploying GraphQL Services as Managed APIs Hiranya Abeyrathne Software Engineer WSO2 Webinar - 05th May 2020 Naduni Pamudika Senior Software Engineer
Discussion Points ● Introduction to GraphQL ● Why and When to use GraphQL APIs ● Exposing GraphQL service as Managed APIs ○ The necessity of an API Manager ● Deploying a GraphQL service via WSO2 API Manager ○ Security, Authentication, Authorization, and Rate-Limiting ● Invoking GraphQL APIs via the Integrated GraphiQL UI in Developer Portal ● GraphQL Analytics
Introduction to GraphQL
GraphQL ● A query language for your APIs. ● Gives what you request, nothing more and nothing less. ● GraphQL specification is an SDL (Schema Definition Language). ● Created by Facebook in 2012 and released for open-source in 2015. ● Ability to make API calls more efficient, flexible, and developer-friendly. ● Served over HTTP via a single endpoint. ● Specification - https://spec.graphql.org/June2018/ ● Reference Implementation - https://github.com/graphql/graphql-js ● Implementation support in many languages - https://graphql.org/code/
Products Management Service Retailer Id: ID Name: String Customer Id: ID Name: String Product Id: ID Name: String Category: enum ( CLOTHING FOOTWEAR COSMETICS ) 1 m 1 m m m
Image Area Type System ● Defines the capabilities of an API ● All the types are exposed in an API, written down in a language called GraphQL Schema Definition Language ● Contract between the server and the client. Once it is defined, both sides are aware of the data structure ● Query, Mutation, and Subscription root types
Query
Mutation
● GraphQL subscriptions allow you to be notified in real-time of changes to your data. ● In ProductsManagement service, a retailer will be notified whenever a new Customer node is created. Subscription
Why and When to use GraphQLs
● Consider the same ProductsManagement service example, where the retailer wants to know the list of customers who ordered a particular product. ● If you try this with REST, you need to do the following three API calls. REST vs GraphQL
Image Area REST API Call 1 Fetch a list of allProducts (/products/)
Image Area REST API Call 2 Fetch the list of customers’ Ids sending the particular product Id (/products/<orderedProductId>/ customers)
Image Area REST API Call 3 Fetch the customer specific details by sending their Ids one by one (/products/<orderedProductId>/ customers/<id>)
Image Area GraphQL Service Call Returns the details of a list of customers for the particular product with just a single query
Why and When to Use GraphQL ● No more over-fetching or under-fetching ● Single API call data fetching ● Auto generated documentation using GraphiQL ● Versionless API evolution ● High performance in data fetching networks ● Schema and Type System ● Not good for complex queries - Slow down performance and kill the efficiency of GraphQL applications ● Not a perfect fit for content delivery networks - No HTTP cache support
Exposing GraphQLs as Managed APIs
The necessity of an API Manager ● First class support for creating/publishing GraphQL APIs ● Authentication and security ● Role based access control for each operation - Authorization for GraphQL APIs ● Rate limiting GraphQL operations ● Operational level Analytics ● Detect and block malicious/unintentional/poor queries
Deploying a GraphQL service via WSO2 API Manager
First Class Support for GraphQL APIs ● Create a GraphQL API by importing an SDL schema ● Identify GraphQL APIs automatically in the Portals ● Display operation list instead of resources ● Display SDL schema instead of Open API definition ● Download option for SDL schema in Publisher and Developer Portal ● Search option to GraphQL type APIs ( type: GRAPHQL)
Deploying ProductsAPI via WSO2 Publisher
Authentication for GraphQL APIs ● APIs are mostly exposed to external users. ● Security plays a major role at this point as it is crucial to ensure that the users who access the API operations are authentic. ● There can be some GraphQL API operations are exposed to the public; giving access to anyone without authenticating to the system. ● WSO2 APIM provides the ability to enable or disable operational level security at the Publisher. ● For instance, allProducts operation in ProductsAPI should be accessible by anyone, hence the security needs to be disabled.
Operational Level Security
Authentication
Authorization for GraphQL APIs ● The operations defined at the Graphql SDL needs to be accessed by only a subset of users in an organization. ● Only the authorized parties should have the access. ● WSO2 APIM provides the ability to assign different levels of permissions to the API operations using fine grained access control with OAuth2 scopes. ● An API developer needs to distribute the privileges of “ProductsAPI” operations among the Retailer and Customer user groups to limit accessing the API.
Operational level Access Control
Rate Limiting for GraphQL Operations ● There can be specific operations which can be expensive to execute. ● Therefore, allowing the same rate limits to all the operations will not be a good idea in a production system. ● WSO2 API Manager can manage easily operational level rate limits. ● An API developer is able to set rate limiting either at operational level or API level to manage operation based traffic. ● For example, fetching the products list should be available to anyone limitlessly, thus has been assigned with the Unlimited value.
Operational Level Rate Limiting
Invoking GraphQL APIs
Discovering and Consuming GraphQL APIs via DevPortal ● A listing of GraphQL APIs ● Search option to GraphQL type APIs ● Categorizing ● Documentation ● Developer friendly try-out tooling ● Rating and Commenting for the APIs
Discovering and Consuming GraphQL APIs via DevPortal
Demo
Operational Level Analytics
Roadmap ● Subscription Plans on Query Complexities ● Microgateway Support ● Websocket Subscription
Q & A
● Download API Manager: https://wso2.com/api-management/ ● GitHub: https://github.com/wso2/product-apim/issues ● Slack Channel: https://app.slack.com/client/TLVKGQN84/CLVKGR3BN ● Subscribe to YouTube Channel: https://www.youtube.com/channel/UCuWrSEtlGX9dcd5jiK6lovw
Next Webinar ● 12th May - Overview of API Microgateway 3.1
THANK YOU wso2.com

Empfohlen

Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIs
WSO2
 
Digital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationDigital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led Integration
WSO2
 
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
WSO2
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
WSO2
 
Real-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorReal-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise Integrator
WSO2
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIs
WSO2
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
Rate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisRate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity Analysis
WSO2
 

Empfohlen

Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIs
WSO2
 
Digital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationDigital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led Integration
WSO2
 
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
WSO2
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
WSO2
 
Real-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorReal-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise Integrator
WSO2
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIs
WSO2
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
Rate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisRate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity Analysis
WSO2
 
Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on Kubernetes
WSO2
 
Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11
WSO2
 
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
WSO2
 
How to move from Monolith to Microservice
How to move from Monolith to MicroserviceHow to move from Monolith to Microservice
How to move from Monolith to Microservice
Safaridin Salim
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
WSO2
 
What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6
WSO2
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
WSO2
 
Cloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesCloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in Kubernetes
WSO2
 
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
WSO2
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
WSO2
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
WSO2
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture
WSO2
 
Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020 Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020
Royston Lobo
 
WSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore MeetupWSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore Meetup
WSO2
 
[WSO2Con USA 2018] Up-leveling Brownfield Integration
[WSO2Con USA 2018] Up-leveling Brownfield Integration [WSO2Con USA 2018] Up-leveling Brownfield Integration
[WSO2Con USA 2018] Up-leveling Brownfield Integration
WSO2
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
WSO2
 
Productising your Microservices as API Products
Productising your Microservices as API ProductsProductising your Microservices as API Products
Productising your Microservices as API Products
WSO2
 
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
WSO2
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
WSO2
 
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
apidays
 
Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
VMware Tanzu
 
Kochi Mulesoft Meetup #6
Kochi Mulesoft Meetup #6Kochi Mulesoft Meetup #6
Kochi Mulesoft Meetup #6
sumitahuja94
 

Weitere ähnliche Inhalte

Was ist angesagt?

Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on Kubernetes
WSO2
 
Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11
WSO2
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
WSO2
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
WSO2
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
WSO2
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
WSO2
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
WSO2
 

Was ist angesagt? (20)

Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on Kubernetes
 
Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11
 
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
 
How to move from Monolith to Microservice
How to move from Monolith to MicroserviceHow to move from Monolith to Microservice
How to move from Monolith to Microservice
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
 
What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
 
Cloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in KubernetesCloud Native API Management : Microservices to APIs in Kubernetes
Cloud Native API Management : Microservices to APIs in Kubernetes
 
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
[WSO2Con EU 2018] Adaptive and Iterative Integration for Microservices and Cl...
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture
 
Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020 Online Meetup - MuleSoft - June 2020
Online Meetup - MuleSoft - June 2020
 
WSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore MeetupWSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore Meetup
 
[WSO2Con USA 2018] Up-leveling Brownfield Integration
[WSO2Con USA 2018] Up-leveling Brownfield Integration [WSO2Con USA 2018] Up-leveling Brownfield Integration
[WSO2Con USA 2018] Up-leveling Brownfield Integration
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
 
Productising your Microservices as API Products
Productising your Microservices as API ProductsProductising your Microservices as API Products
Productising your Microservices as API Products
 
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
[WSO2 Summit EMEA 2020] Accelerate and Secure Services Integration with WSO2 ...
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
 
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
APIdays Helsinki 2019 - The Future of the Dynamic Application Server, NGINX U...
 

Ähnlich wie Deploying GraphQL Services as Managed APIs

Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
VMware Tanzu
 
Your API on Steroids
Your API on Steroids Your API on Steroids
Your API on Steroids
QAware GmbH
 
Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
Tim Burks
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
WSO2
 

Ähnlich wie Deploying GraphQL Services as Managed APIs (20)

Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
 
Kochi Mulesoft Meetup #6
Kochi Mulesoft Meetup #6Kochi Mulesoft Meetup #6
Kochi Mulesoft Meetup #6
 
Your API on Steroids
Your API on Steroids Your API on Steroids
Your API on Steroids
 
GraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits togetherGraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits together
 
How easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performanceHow easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performance
 
Building Fullstack Serverless GraphQL APIs In The Cloud
Building Fullstack Serverless GraphQL APIs In The CloudBuilding Fullstack Serverless GraphQL APIs In The Cloud
Building Fullstack Serverless GraphQL APIs In The Cloud
 
Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
 
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
APIdays Paris 2014 - Workshop - Craft and Deploy Your API in a Few Clicks Wit...
 
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
 
INTERFACE by apidays 2023 - No more coding API's, Prerna Sood, Syncloop
INTERFACE by apidays 2023 - No more coding API's, Prerna Sood, SyncloopINTERFACE by apidays 2023 - No more coding API's, Prerna Sood, Syncloop
INTERFACE by apidays 2023 - No more coding API's, Prerna Sood, Syncloop
 
Create GraphQL server with apolloJS
Create GraphQL server with apolloJSCreate GraphQL server with apolloJS
Create GraphQL server with apolloJS
 
INTERFACE by apidays_What's your Type? Understanding API Types and Choosing t...
INTERFACE by apidays_What's your Type? Understanding API Types and Choosing t...INTERFACE by apidays_What's your Type? Understanding API Types and Choosing t...
INTERFACE by apidays_What's your Type? Understanding API Types and Choosing t...
 
Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0
 
How GraphQL influences your product development on all levels
How GraphQL influences your product development on all levelsHow GraphQL influences your product development on all levels
How GraphQL influences your product development on all levels
 
GraphQL @ Manc.JS (March 2018)
GraphQL @ Manc.JS (March 2018)GraphQL @ Manc.JS (March 2018)
GraphQL @ Manc.JS (March 2018)
 
CONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQLCONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQL
 
Attacking GraphQL
Attacking GraphQLAttacking GraphQL
Attacking GraphQL
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
Introduction to Testing GraphQL Presentation
Introduction to Testing GraphQL PresentationIntroduction to Testing GraphQL Presentation
Introduction to Testing GraphQL Presentation
 
Testing Graph QL Presentation (Test Automation)
Testing Graph QL Presentation (Test Automation)Testing Graph QL Presentation (Test Automation)
Testing Graph QL Presentation (Test Automation)
 

Mehr von WSO2

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
WSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
WSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
WSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
WSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
WSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
WSO2
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
WSO2
 

Mehr von WSO2 (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready Bank
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment
 

Kürzlich hochgeladen

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Kürzlich hochgeladen (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Deploying GraphQL Services as Managed APIs

  • 1. Deploying GraphQL Services as Managed APIs Hiranya Abeyrathne Software Engineer WSO2 Webinar - 05th May 2020 Naduni Pamudika Senior Software Engineer
  • 2. Discussion Points ● Introduction to GraphQL ● Why and When to use GraphQL APIs ● Exposing GraphQL service as Managed APIs ○ The necessity of an API Manager ● Deploying a GraphQL service via WSO2 API Manager ○ Security, Authentication, Authorization, and Rate-Limiting ● Invoking GraphQL APIs via the Integrated GraphiQL UI in Developer Portal ● GraphQL Analytics
  • 4. GraphQL ● A query language for your APIs. ● Gives what you request, nothing more and nothing less. ● GraphQL specification is an SDL (Schema Definition Language). ● Created by Facebook in 2012 and released for open-source in 2015. ● Ability to make API calls more efficient, flexible, and developer-friendly. ● Served over HTTP via a single endpoint. ● Specification - https://spec.graphql.org/June2018/ ● Reference Implementation - https://github.com/graphql/graphql-js ● Implementation support in many languages - https://graphql.org/code/
  • 5. Products Management Service Retailer Id: ID Name: String Customer Id: ID Name: String Product Id: ID Name: String Category: enum ( CLOTHING FOOTWEAR COSMETICS ) 1 m 1 m m m
  • 6. Image Area Type System ● Defines the capabilities of an API ● All the types are exposed in an API, written down in a language called GraphQL Schema Definition Language ● Contract between the server and the client. Once it is defined, both sides are aware of the data structure ● Query, Mutation, and Subscription root types
  • 9. ● GraphQL subscriptions allow you to be notified in real-time of changes to your data. ● In ProductsManagement service, a retailer will be notified whenever a new Customer node is created. Subscription
  • 10. Why and When to use GraphQLs
  • 11. ● Consider the same ProductsManagement service example, where the retailer wants to know the list of customers who ordered a particular product. ● If you try this with REST, you need to do the following three API calls. REST vs GraphQL
  • 12. Image Area REST API Call 1 Fetch a list of allProducts (/products/)
  • 13. Image Area REST API Call 2 Fetch the list of customers’ Ids sending the particular product Id (/products/<orderedProductId>/ customers)
  • 14. Image Area REST API Call 3 Fetch the customer specific details by sending their Ids one by one (/products/<orderedProductId>/ customers/<id>)
  • 15. Image Area GraphQL Service Call Returns the details of a list of customers for the particular product with just a single query
  • 16. Why and When to Use GraphQL ● No more over-fetching or under-fetching ● Single API call data fetching ● Auto generated documentation using GraphiQL ● Versionless API evolution ● High performance in data fetching networks ● Schema and Type System ● Not good for complex queries - Slow down performance and kill the efficiency of GraphQL applications ● Not a perfect fit for content delivery networks - No HTTP cache support
  • 18. The necessity of an API Manager ● First class support for creating/publishing GraphQL APIs ● Authentication and security ● Role based access control for each operation - Authorization for GraphQL APIs ● Rate limiting GraphQL operations ● Operational level Analytics ● Detect and block malicious/unintentional/poor queries
  • 19. Deploying a GraphQL service via WSO2 API Manager
  • 20. First Class Support for GraphQL APIs ● Create a GraphQL API by importing an SDL schema ● Identify GraphQL APIs automatically in the Portals ● Display operation list instead of resources ● Display SDL schema instead of Open API definition ● Download option for SDL schema in Publisher and Developer Portal ● Search option to GraphQL type APIs ( type: GRAPHQL)
  • 21. Deploying ProductsAPI via WSO2 Publisher
  • 22. Authentication for GraphQL APIs ● APIs are mostly exposed to external users. ● Security plays a major role at this point as it is crucial to ensure that the users who access the API operations are authentic. ● There can be some GraphQL API operations are exposed to the public; giving access to anyone without authenticating to the system. ● WSO2 APIM provides the ability to enable or disable operational level security at the Publisher. ● For instance, allProducts operation in ProductsAPI should be accessible by anyone, hence the security needs to be disabled.
  • 25. Authorization for GraphQL APIs ● The operations defined at the Graphql SDL needs to be accessed by only a subset of users in an organization. ● Only the authorized parties should have the access. ● WSO2 APIM provides the ability to assign different levels of permissions to the API operations using fine grained access control with OAuth2 scopes. ● An API developer needs to distribute the privileges of “ProductsAPI” operations among the Retailer and Customer user groups to limit accessing the API.
  • 27. Rate Limiting for GraphQL Operations ● There can be specific operations which can be expensive to execute. ● Therefore, allowing the same rate limits to all the operations will not be a good idea in a production system. ● WSO2 API Manager can manage easily operational level rate limits. ● An API developer is able to set rate limiting either at operational level or API level to manage operation based traffic. ● For example, fetching the products list should be available to anyone limitlessly, thus has been assigned with the Unlimited value.
  • 30. Discovering and Consuming GraphQL APIs via DevPortal ● A listing of GraphQL APIs ● Search option to GraphQL type APIs ● Categorizing ● Documentation ● Developer friendly try-out tooling ● Rating and Commenting for the APIs
  • 31. Discovering and Consuming GraphQL APIs via DevPortal
  • 32. Demo
  • 34. Roadmap ● Subscription Plans on Query Complexities ● Microgateway Support ● Websocket Subscription
  • 35. Q & A
  • 36. ● Download API Manager: https://wso2.com/api-management/ ● GitHub: https://github.com/wso2/product-apim/issues ● Slack Channel: https://app.slack.com/client/TLVKGQN84/CLVKGR3BN ● Subscribe to YouTube Channel: https://www.youtube.com/channel/UCuWrSEtlGX9dcd5jiK6lovw
  • 37. Next Webinar ● 12th May - Overview of API Microgateway 3.1