From Private To Public: Evolving a GraphQL API for the Outside World
Turning a private GraphQL API into a public one comes with unexpected challenges. We’ll share how we approached this transition—starting from an existing internal schema that wasn’t shaped for external consumers—and the steps we took to expose only what was ready. Using Apollo Federation Contracts, we filtered out unstable or sensitive parts of the graph. Along the way, we defined best practices for the public schema, like cursor-based pagination, using oneOf for inputs and results. We’ll also touch on how we serve the schema through Hive Gateway with a supergraph setup, and the security measures we added, like depth limiting and complexity analysis. To keep things evolving safely, we rely on GraphQL Hive to track usage and guide deprecations.
If you’re thinking about exposing a GraphQL API—or just want ideas for keeping one clean and manageable—this talk will share what worked for us, what didn’t, and what we learned.
London GraphQL
Welcome to the London GraphQL community! Meet quarterly with fellow developers and companies in the GraphQL space and stay up to date with the latest developments, trends and lessons from the GraphQL community!
Interested in speaking? Apply here: http://tinyurl.com/londongraphqlcfp
Platform Sponsors
Don't let broken lines of code, busted API calls, and crashes ruin your app. Join the 4M developers and 90K organizations who consider Sentry “not bad” when it comes to application monitoring. Use code “guild” for 3 free months of the team plan.
https://sentry.io
Torc is a community-first platform bringing together remote-first software engineer and developer opportunities from across the globe. Join a network that’s all about connection, collaboration, and finding your next big move — together.
Join our community today!
From Private To Public: Evolving a GraphQL API for the Outside World
Turning a private GraphQL API into a public one comes with unexpected challenges. We’ll share how we approached this transition—starting from an existing internal schema that wasn’t shaped for external consumers—and the steps we took to expose only what was ready. Using Apollo Federation Contracts, we filtered out unstable or sensitive parts of the graph. Along the way, we defined best practices for the public schema, like cursor-based pagination, using oneOf for inputs and results. We’ll also touch on how we serve the schema through Hive Gateway with a supergraph setup, and the security measures we added, like depth limiting and complexity analysis. To keep things evolving safely, we rely on GraphQL Hive to track usage and guide deprecations.
If you’re thinking about exposing a GraphQL API—or just want ideas for keeping one clean and manageable—this talk will share what worked for us, what didn’t, and what we learned.
London GraphQL
Welcome to the London GraphQL community! Meet quarterly with fellow developers and companies in the GraphQL space and stay up to date with the latest developments, trends and lessons from the GraphQL community!
Interested in speaking? Apply here: http://tinyurl.com/londongraphqlcfp
Platform Sponsors
Don't let broken lines of code, busted API calls, and crashes ruin your app. Join the 4M developers and 90K organizations who consider Sentry “not bad” when it comes to application monitoring. Use code “guild” for 3 free months of the team plan.
https://sentry.io
Torc is a community-first platform bringing together remote-first software engineer and developer opportunities from across the globe. Join a network that’s all about connection, collaboration, and finding your next big move — together.
Join our community today!
Get in touch!
hi@guild.host