AuthN + AuthZ in GraphQL

Key learnings from implementing authentication and authorization using GraphQL

Using GraphQL in production requires rethinking the security mechanisms normally used for REST services. Implementing authorization is especially challenging, since a GraphQL resolver can easily be used for privilege escalation.

The talk will provide an overview of different approaches to implementing authentication and authorization for GraphQL services.