Securing a GraphQL API with Apollo

A secure API is an important part of web application development, and with GraphQL it is no different. This course will teach you to create secure Apollo APIs and clients, as well as how to protect against complex queries.

Securing APIs has always been an important part of web application development, and with GraphQL it is no different. Access control is a critical aspect of your API whether you’re developing for internal or third-party use. In this course, Securing a GraphQL API with Apollo, you’ll learn to implement modern security practices for using GraphQL effectively on the server and client, as well as protection against complex queries specific to GraphQL APIs. First, you’ll explore how authentication is handled for Apollo on both the server and client. Next, you’ll discover how GraphQL can give you fine-grained role-based access for your models, even down to the field level. Finally, you’ll learn about complex queries and how to handle and prevent them. When you’re finished with this course, you’ll have the skills and knowledge of how to build modern, secure GraphQL APIs with the Apollo server and client libraries.

• Course Overview 1min
• Implementing Header Authentication for Apollo Server and Client 28mins
• Implementing Cookie Authentication for Apollo Server and Client 21mins
• Restricting Access for Types and Fields with Roles and Permissions 24mins
• Protecting Against Large and Malicious Queries 12mins