Engineering
January 29, 2024
4 min read

Top GraphQL Security Vulnerabilities: Lessons Learned Analyzing 1,500+ Endpoints

Kong

With its flexible querying capabilities, GraphQL makes it easy to combine data from multiple sources into a single endpoint. GraphQL and API management go hand in hand to build next-generation API platforms. 

However, GraphQL's features can also introduce security risks if not properly implemented.

In a talk at API Summit 2023, Tristan Kalos and Antoine Carossio (co-founders of GraphQL security testing company Escape) dug into the most common and most underestimated vulnerabilities unearthed by analyzing over 130,000 public GraphQL endpoints. In their research, which is gathered in The State of GraphQL Security 2023 report, they identified nearly 50,000 security alerts, 10% of which were critical.

So, how can GraphQL be prone to security issues? And what are the most common vulnerabilities developers need to watch out for? Let's break it down.

Why is GraphQL vulnerable?

GraphQL is vulnerable for two key reasons:

1. Its powerful features open security gaps

The features in GraphQL that give it flexibility can also be exploited by attackers. For example, GraphQL allows batching and aliasing requests. This lets you send multiple queries in one HTTP request.

This is great for performance. But it also lets attackers bypass rate limiting enforced at the HTTP layer — meaning they can send hundreds of login attempts in one request to brute force credentials.

Another example worth calling out is GraphQL's recursive fragments. These allow developers to reuse query logic. But an unprotected GraphQL engine can be crashed with infinite recursion, creating a denial of service vulnerability.

2. Its graph structure obscures access control

In GraphQL, every entity can be accessed via multiple paths. This makes it easy for developers to inadvertently expose access to sensitive data.

For instance, an admin mutation could be left unprotected under the assumption it's not publicly accessible. But if another path leads to it, an attacker could discover and abuse it.

Robust access control in GraphQL requires meticulous auditing of all possible paths — which is not exactly a trivial task.

The most common GraphQL vulnerabilities

Across over 1,600 scanned production apps, the team at Escape found GraphQL-specific vulnerabilities alongside plenty of classic API vulnerabilities. The most common GraphQL vulnerabilities they encountered include:

1. Brute forcing API requests

The aforementioned batching and aliasing features enable brute-forcing attacks even past rate limits. Expect account takeovers if login mechanisms aren't robust.

2. Denial of service

Unprotected recursive fragments create crashes. GraphQL's flexibility naturally risks resource exhaustion DoS attacks.

3. Internal API schema leak

Many GraphQL servers try to hide their schema by disabling introspection, but the field suggestion feature ("Did you mean ...?" in error messages) can inadvertently leak it. Public tools like Clairvoyance automate schema reconstruction from those suggestions. This exposes private mutations. In one case, Escape took over an admin account by finding an unprotected password reset mutation.
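The two GraphQL-specific problems above (aliased batches that defeat HTTP-level rate limits, and recursive fragments that exhaust the engine) can both be caught before the query is executed. The following is an added example, not code from Kong or from Escape: a deliberately minimal GraphQL lexer plus a guard that counts root selections (aliases included), measures nesting depth and walks the fragment-spread graph for cycles. The tokenizer, the limits and the sample documents are constructed for the example; a real server would run the same checks as a validation rule in its GraphQL library.

```python
"""Pre-execution guard for GraphQL documents (added example, constructed lexer)."""
import re
from typing import Dict, List, Optional, Set, Tuple

# Minimal lexer: strings, numbers, comments and commas are dropped because the
# guard only needs names, fragment spreads and punctuators.
_TOKEN_RE = re.compile(
    r'(?P<ws>[\s,]+)|(?P<comment>#[^\n]*)|(?P<string>"(?:\\.|[^"\\])*")'
    r'|(?P<number>-?\d+(?:\.\d+)?(?:[eE][+-]?\d+)?)|(?P<spread>\.\.\.)'
    r'|(?P<name>[_A-Za-z][_0-9A-Za-z]*)|(?P<punct>[{}()\[\]:$!@=|])'
)

def tokenize(doc: str) -> List[Tuple[str, str]]:
    tokens, pos = [], 0
    while pos < len(doc):
        m = _TOKEN_RE.match(doc, pos)
        if not m:
            raise ValueError(f"unexpected character {doc[pos]!r} at offset {pos}")
        pos = m.end()
        if m.lastgroup not in ("ws", "comment", "string", "number"):
            tokens.append((m.lastgroup, m.group()))
    return tokens

def analyze(doc: str):
    """Return (root_field_count, max_depth, fragment_graph) for a document."""
    tokens = tokenize(doc)
    root_fields = max_depth = depth = paren = 0
    fragments: Dict[str, Set[str]] = {}   # fragment name -> fragments it spreads
    op_spreads: Set[str] = set()           # spreads used directly by operations
    current: Optional[str] = None          # fragment being read; None = operation
    i = 0
    while i < len(tokens):
        kind, val = tokens[i]
        prev = tokens[i - 1][1] if i else ""
        if kind == "punct":
            if val == "(":
                paren += 1
            elif val == ")":
                paren -= 1
            elif val == "{" and paren == 0:
                depth += 1
                max_depth = max(max_depth, depth)
            elif val == "}" and paren == 0:
                depth -= 1
                if depth == 0:
                    current = None
        elif kind == "name" and paren == 0:
            if depth == 0:
                if val == "fragment":            # fragment Name on Type { ... }
                    current = tokens[i + 1][1]
                    fragments[current] = set()
                    i += 1
            elif prev == "...":
                if val == "on":                  # inline fragment: skip type name
                    i += 1
                else:
                    (fragments[current] if current else op_spreads).add(val)
            elif prev in ("@", ":", "$"):
                pass                             # directive, aliased field, variable
            elif depth == 1 and current is None:
                root_fields += 1                 # one root selection (alias or field)
        i += 1
    return root_fields, max_depth, fragments

def fragment_cycle(fragments: Dict[str, Set[str]]) -> Optional[List[str]]:
    """Depth-first search of the spread graph; returns the cycle path or None."""
    state: Dict[str, int] = {}  # 1 = on the current path, 2 = finished

    def visit(name: str, path: List[str]) -> Optional[List[str]]:
        state[name] = 1
        for child in fragments.get(name, ()):
            if child not in fragments:
                continue                         # unknown fragment: normal validation
            if state.get(child) == 1:
                return path + [child]
            if child not in state:
                found = visit(child, path + [child])
                if found:
                    return found
        state[name] = 2
        return None

    for name in fragments:
        if name not in state and (found := visit(name, [name])):
            return found
    return None

def check_query(doc: str, max_root_fields: int = 10, max_depth: int = 8) -> Tuple[bool, str]:
    root, depth, fragments = analyze(doc)
    cycle = fragment_cycle(fragments)
    if cycle:
        return False, "recursive fragment: " + " -> ".join(cycle)
    if root > max_root_fields:
        return False, f"{root} root selections exceed limit {max_root_fields}"
    if depth > max_depth:
        return False, f"depth {depth} exceeds limit {max_depth}"
    return True, "ok"

# Constructed sample documents
BENIGN = "query { viewer { name email } }"
ALIASED_LOGIN = "mutation {\n" + "\n".join(
    f'  a{i}: login(email: "alice@example.com", password: "guess{i}") {{ token }}'
    for i in range(20)) + "\n}"
RECURSIVE = "query { user(id: 1) { ...Friends } }\nfragment Friends on User { friends { ...Friends } }"

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("aliased", ALIASED_LOGIN), ("recursive", RECURSIVE)):
        print(label, check_query(doc))
```

The root-selection limit is what makes the aliased-login batch visible to a rate limiter: twenty `login` attempts behind twenty aliases still count as twenty, which a per-HTTP-request limiter would otherwise see as one. Fields pulled in through fragment spreads are not added to the root count here, so treat the number as a lower bound and pair it with the depth limit and the cycle check.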

API security vulnerabilities

Beyond the GraphQL-specific vulnerabilities, Escape also uncovered some classic API security vulnerabilities in their research that can’t be overlooked. Not surprisingly, there was much overlap between the vulnerabilities found and the OWASP API Security Top 10. 

API errors and stack traces disclosing internal data

The problem here is that stack traces give away too much information about what is vulnerable in your app.

For example, when there’s a GraphQL error, it gives the precise path of the source code that created the problem. Using this, one could get information about the libraries used by this GraphQL endpoint — and then look up vulnerabilities that affect these libraries.
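Both leaks described so far, the schema suggestions and the stack traces, come out through the `errors` array of the response, so one masking step on the way out covers both. The code below is an added example rather than anything from the post or from Kong: it strips the "Did you mean" suffix from validation errors, replaces resolver failures with a generic message and a correlation id, and keeps the full detail in a server-side log. The raw error shape (an Apollo-style `extensions.exception.stacktrace`) and the sample errors are assumptions constructed for the example.

```python
"""Mask GraphQL error responses before they reach the client (added example)."""
import re
import uuid
from typing import Any, Dict, List

# Matches the suggestion suffix graphql-js style validators append to messages
_SUGGESTION = re.compile(r"\s*Did you mean\b.*\Z", re.DOTALL)

def sanitize_errors(errors: List[Dict[str, Any]],
                    internal_log: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Return a client-safe copy of `errors`; full records go to `internal_log`."""
    safe = []
    for err in errors:
        if "path" not in err:
            # Parse/validation error (no `path` per the spec): the client needs it to
            # fix the query, but the suggestion enumerates field names even when
            # introspection is turned off, so it is removed.
            safe.append({"message": _SUGGESTION.sub("", err["message"]),
                         "locations": err.get("locations", [])})
            continue
        # Execution error raised inside a resolver: keep only a handle the on-call
        # engineer can use to find the full record.
        cid = str(uuid.uuid4())
        internal_log.append({"correlationId": cid, **err})
        safe.append({"message": "Internal server error", "path": err["path"],
                     "extensions": {"code": "INTERNAL_SERVER_ERROR", "correlationId": cid}})
    return safe

# Constructed raw errors, as an unmasked server might emit them
RAW_ERRORS = [
    {"message": 'Cannot query field "usr" on type "Query". Did you mean "user" or "users"?',
     "locations": [{"line": 1, "column": 3}]},
    {"message": "connect ECONNREFUSED db-primary.internal:5432",
     "path": ["user", "profile"],
     "extensions": {"exception": {"stacktrace": [
         "Error: connect ECONNREFUSED db-primary.internal:5432",
         "    at /srv/app/node_modules/pg/lib/client.js:123:17"]}}},
]

if __name__ == "__main__":
    log: List[Dict[str, Any]] = []
    for masked in sanitize_errors(RAW_ERRORS, log):
        print(masked)
    print("logged internally:", len(log))
```

Keeping `path` in the masked execution error is a deliberate choice: it tells the client which field failed without naming hosts, libraries or file paths. If even that is too much for a given deployment, drop it and rely on the correlation id alone.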

Access control issues

This is very common in GraphQL. Most routes that write data (mutations) aren't supposed to be accessible without authentication. However, many GraphQL endpoints have a poor access control implementation, so an unauthenticated user, or a user with low-level authorization, can access restricted data.
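Because the same field can be reached through several paths in the graph, the check has to live in the resolver itself rather than on an HTTP route, and it helps to have a mechanical way of finding mutations that nobody protected. The following is an added example in plain Python with no GraphQL library, not code from Kong or from Escape: a decorator that enforces authentication and roles inside the resolver, and an audit that lists every mutation without that marker. The resolvers, roles and user store are constructed for the example.

```python
"""Resolver-level authorization plus an audit for unprotected mutations (added example)."""
from functools import wraps
from typing import Callable, Dict, FrozenSet, List

class AuthError(Exception):
    """Raised by a resolver when the caller is unauthenticated or lacks a role."""

def requires_role(*roles: str) -> Callable:
    """Enforce auth inside the resolver so every path that reaches the field hits it."""
    def decorate(fn: Callable) -> Callable:
        @wraps(fn)
        def wrapper(ctx: dict, *args, **kwargs):
            user = ctx.get("user")
            if user is None:
                raise AuthError("authentication required")
            if roles and not set(roles) & set(user.get("roles", ())):
                raise AuthError(f"requires one of {sorted(roles)}")
            return fn(ctx, *args, **kwargs)
        wrapper.required_roles = frozenset(roles)   # marker the audit looks for
        return wrapper
    return decorate

# Constructed in-memory user store
USERS = {42: {"email": "alice@example.com", "password_hash": "old-hash"}}

@requires_role("admin")
def reset_password(ctx: dict, user_id: int, new_hash: str) -> bool:
    USERS[user_id]["password_hash"] = new_hash
    return True

@requires_role()  # any authenticated user, and only on their own record
def update_email(ctx: dict, new_email: str) -> str:
    USERS[ctx["user"]["id"]]["email"] = new_email
    return new_email

def delete_account(ctx: dict, user_id: int) -> bool:
    # Decorator forgotten: reachable by anyone; the audit below reports it.
    USERS.pop(user_id, None)
    return True

def login(ctx: dict, email: str, password: str) -> str:
    return "token-for-" + email      # intentionally public, declared so below

MUTATIONS: Dict[str, Callable] = {
    "resetPassword": reset_password,
    "updateEmail": update_email,
    "deleteAccount": delete_account,
    "login": login,
}
PUBLIC: FrozenSet[str] = frozenset({"login", "signup"})

def audit_mutations(mutations: Dict[str, Callable],
                    public: FrozenSet[str] = PUBLIC) -> List[str]:
    """Names of mutations that carry no auth marker and are not declared public."""
    return sorted(name for name, fn in mutations.items()
                  if name not in public and not hasattr(fn, "required_roles"))

if __name__ == "__main__":
    print("unprotected mutations:", audit_mutations(MUTATIONS))
    try:
        reset_password({}, 42, "new-hash")
    except AuthError as exc:
        print("anonymous resetPassword rejected:", exc)
```

The audit is the part worth wiring into CI: it fails the build when a new mutation appears without either a `requires_role` marker or an explicit entry in the public allowlist, which turns "audit every path" into "audit one dictionary".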

Injection vulnerabilities

Believe it or not, injection attacks are still a major issue. Escape’s research uncovered SQL, NoSQL, and even Bash command injections in GraphQL services. This can lead to data theft if developers don't follow secure coding practices.

Other classic API flaws

GraphQL isn't immune to traditional security pitfalls. 40% of the discovered vulnerabilities were classic API issues, like broken authentication and access control. Notably, improper error handling exposed internal API keys and secrets. GraphQL doesn't inherently protect downstream dependencies.

Massive amounts of sensitive data exposed

Most alarmingly, Escape’s analysis discovered huge amounts of sensitive data leaked in public GraphQL endpoints, including:

  • Personal identifiable information like emails, phone numbers, and passport details
  • Private API keys and tokens for AWS, GCP, GitHub, Slack, etc.
  • Hashed and even cleartext passwords

This data exposure could enable account takeovers, cloud resource hijacking, and identity theft. It highlights the pressing need for rigorous security controls in GraphQL services.

Conclusion

GraphQL opens new horizons for API development. With disciplined security practices, you can build the next generation of interfaces while keeping your data safe.

For this and other talks around all things related to APIs, check out on-demand sessions from API Summit.
