GraphQL Security in 2026: Introspection, Batching, and Depth Attacks — G8KEPR Blog
Security · 9 min read · April 15, 2026

GraphQL Security in 2026: Introspection, Batching, and Depth Attacks

GraphQL's flexibility is also its attack surface. Introspection exposes your schema. Batching enables amplification. Unbounded depth queries can bring down a server. Here is the complete attack taxonomy and how to defend against each vector.

GraphQL is the dominant query language for modern APIs and the most consistently mis-secured one. Its flexibility — the ability for clients to request exactly the data they need — creates an attack surface that REST APIs do not have. A poorly configured GraphQL endpoint leaks schema, enables amplification, and can be resource-exhausted by a single crafted query.

Attack 1: Introspection Abuse

GraphQL introspection is a built-in feature that returns the complete schema — all types, all fields, all relationships. In development this is useful. In production it hands an attacker a complete map of your data model before they have found a single vulnerability. An attacker who knows your schema knows exactly which queries to craft and which fields are worth targeting.

Disable introspection in production. Most GraphQL libraries expose this as a single configuration flag. The argument that introspection should remain enabled because "determined attackers can reconstruct the schema anyway" is technically true and practically irrelevant — disabling it adds friction and removes easy reconnaissance.

Attack 2: Query Batching Amplification

GraphQL supports batching — sending multiple queries in a single HTTP request. An attacker who identifies a rate-limited mutation can batch 500 copies of it in a single request, bypassing per-request rate limits entirely. This is particularly effective against authentication mutations (login, password reset) and expensive query operations.

Enforce a max batch size at the transport layer. Ten queries per batch is a generous limit for legitimate clients and eliminates amplification as a viable attack vector.

Attack 3: Depth and Complexity Attacks

A GraphQL query can traverse deeply nested relationships. A schema with User → Orders → Products → Reviews → Users (circular) can be queried to arbitrary depth. A single request that resolves 10 levels of nesting across a branching factor of 5 generates 5^10 = ~10 million resolver calls.

```graphql
# This innocent-looking query can exhaust a server
{
  users {
    orders {
      products {
        reviews {
          user {
            orders {
              products {
                reviews {
                  user { id }
                }
              }
            }
          }
        }
      }
    }
  }
}
```

Enforce query depth limits (8-10 levels is generous) and query complexity limits (assign weights to fields and reject queries that exceed a total complexity budget). Both are available in every major GraphQL library.
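To make the depth and complexity budgets concrete, here is an added example (not G8KEPR's code and not any library's built-in rule) that parses the brace-style query above, measures its nesting depth, and estimates resolver calls using an assumed fan-out of 5 per list field, the same branching factor as the arithmetic above. It handles field names, nested selection sets and simple argument lists; fragments, aliases, variables and directives are out of scope, and a production rule should walk the graphql-js AST instead.

```javascript
// Assumed fan-out per field: how many child objects one parent yields.
// List fields are modelled as returning 5 items (the page's branching
// factor); anything not listed is treated as a single object or scalar.
const FANOUT = { users: 5, orders: 5, products: 5, reviews: 5 };

function tokenize(query) {
  const cleaned = query
    .replace(/#[^\n]*/g, '')       // drop comments
    .replace(/\([^()]*\)/g, '');   // drop argument lists such as (first: 10)
  return cleaned.match(/[{}]|[A-Za-z_][A-Za-z0-9_]*/g) || [];
}

// Parses the selection set starting at tokens[pos] === '{'.
// depth: deepest field level reached (top-level fields are level 1).
// calls: resolver invocations, one per parent object per field, with
// `parents` multiplied by the field's fan-out for nested selections.
function parseSelectionSet(tokens, pos, level, parents) {
  if (tokens[pos] !== '{') throw new Error(`expected '{' at token ${pos}`);
  let i = pos + 1;
  let depth = level - 1;
  let calls = 0;
  while (i < tokens.length && tokens[i] !== '}') {
    const field = tokens[i++];
    if (field === '{') throw new Error('selection set without a field name');
    calls += parents;
    depth = Math.max(depth, level);
    if (tokens[i] === '{') {
      const sub = parseSelectionSet(tokens, i, level + 1, parents * (FANOUT[field] || 1));
      depth = Math.max(depth, sub.depth);
      calls += sub.calls;
      i = sub.next;
    }
  }
  if (tokens[i] !== '}') throw new Error('unbalanced braces');
  return { depth, calls, next: i + 1 };
}

function analyzeQuery(query) {
  const { depth, calls } = parseSelectionSet(tokenize(query), 0, 1, 1);
  return { depth, calls };
}

// Gateway-style check: reject before any resolver runs. Limits are assumed.
function checkQuery(query, limits = { maxDepth: 8, maxCalls: 10000 }) {
  const { depth, calls } = analyzeQuery(query);
  if (depth > limits.maxDepth) return { ok: false, depth, calls, reason: 'depth' };
  if (calls > limits.maxCalls) return { ok: false, depth, calls, reason: 'complexity' };
  return { ok: true, depth, calls };
}
```

Run against the ten-level query above, the estimate comes to 176,406 resolver calls at depth 10, so it is rejected on depth alone; a benign `{ users(first: 10) { id name } }` scores depth 2 and 11 calls.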

G8KEPR enforces GraphQL-specific limits — max depth, max complexity, batch size — at the gateway layer, before queries reach your resolvers. This keeps the defence out of application code and applies uniformly across all clients.
