“We’re going GraphQL, we’re replacing everything with GraphQL”
Sid Sijbrandij, GitLab founder and CEO
GraphQL is an open source technology created by Facebook that is getting a fair bit of attention of late. It is set to make a major impact on how APIs are designed.
As is so often the case with these things, it’s not terribly well named. It sounds like a general purpose query language for graph traversal, am I right? Something like Cypher.
It isn’t. The name is a little deceptive. GraphQL is about graphs if you see everything as graphs, but reading the the excellent, crisp docs GraphQL is primarily about designing your APIs more effectively, and being more specific about access to your data sources.
“GraphQL is a query language for your API, and a server-side runtime for executing queries by using a type system you define for your data. GraphQL isn’t tied to any specific database or storage engine and is instead backed by your existing code and data.”
With REST you can only pass a single set of arguments, but with GraphQL you can access a particular field or nested object without making multiple API fetches. You can call many resources in a single request. That in itself is a win. GraphQL has a set of standard types but you can also set custom types. A GraphQL query is a string sent to the runtime that returns JSON to the client.
A few weeks back Chris Wanstrath, GitHub’s CEO, said all GitHub APIs would be developed GraphQL-first from here on in. This announcement came during a section labeled The Future of APIs at GitHub’s Satellite conference in London. Wanstrath said GitHub needs to engineer differently because its site gets more API calls than UI visits. Now when we GitHub builds a new feature first it builds a GraphQL API, which it then uses internally before roll out. One suggested graph use case was suggested reviewers for code. GitHub’s project boards are also now backed by GraphQL – and the service is seeing 125m queries per day.
More and more companies are seeing APIs as their primary access mechanism. Twilio, for example, one of the few successful IPOs in tech of recent times. REST, which has got us through the last few years of Web engineering, is looking a little creaky.
Github is not alone. The NY Times has just gone through a major back end redesign.
— Scott Taylor ⛵️ (@wonderboymusic) June 14, 2017
So what about Facebook? It built GraphQL because it needed something powerful enough to describe Facebook’s API structure, but easy to learn by mobile developers. It is seeing billions of API calls a day now, so we know it scales. As Facebook points out, the shape of the query mirrors the shape of the response, which is cool.
The tree-based shape of the queries is one thing that attracted Neo4J to GraphQL. As a native Graph database it’s interested in the possibilities of extending GraphQL, with Cypher, but not modifying it so it can’t be used by other tools. The sandbox and integration are well worth checking out.
So does GraphQL replace REST? Phil Sturgeon has a very useful post summarising the philosophies of the two approaches, which he sees as complementary.
“Having one GraphQL server act as a sort of data proxy, giving one entry point for mixed data, one Authentication scheme despite each REST API having its own “unique” approach to tokens, one HTTP call for clients – despite it hitting multiple actual REST APIs, etc., would be a damn powerful thing.”
“If you need a highly query-able API, expect an array of clients that need small and different data, and can restructure your data to be inexpensive to query, then GraphQL is likely to fit your needs.”
I strongly agree with Sturgeon on the docs and developer experience.
Some of this stuff is fashion of course. REST has had a really good run, but is definitely looking less shiny these days. Developers like to try new things, and GraphQL’s timing is good. The companies adopting it are those that people want to emulate. But there are of course some dragons out there. In a followup Sturgeon points out that current caching models don’t map to GraphQL.
“Due to the way GraphQL operates as a query language POSTing against a single endpoint, HTTP is demoted to the role of a dumb tunnel, making network caching tools like Varnish, Squid, Fastly, etc. entirely useless.”
A web where Fastly doesn’t work, where HTTP is a problem, sounds problematical.
Kelly Sutton expands on the theme in a post Do We Need GraphQL?
“In the world of GraphQL, HTTP is an unfortunate transport mechanism rather than something to be embraced. Rather than using the standard semantics, we ignore them completely by treating HTTP like a dumb pipe. For companies with enough resources, treating HTTP like a dumb pipe is feasible. You can develop GraphQL-aware caching layers and deploy that logic to edge nodes around the globe. But most of us are not Facebook, so we need to stick with the standards we’ve got. This means using standards like HTTP to the fullest, so that we can be sure that our applications play nicely with vendors.”
But the benefits keep on twinkling. GraphQL introspection is interesting, as we grope towards self-documenting APIs with things like Swagger. Sashko Stubailo has some interesting ideas here. Check out GraphiQL – an inbrowser IDE for GraphQL.
There are some intriguing new services emerging to take advantage of GraphQL like graph.cool – which is effectively serverless or back end as a service GraphQL, which you’d use if you take the Joe Emison view of serverless not so much as Function as a Service (AWS Lambda) but as a model for building apps and services comprised of third party services such as Auth0, Algolia and Prerender.io. . Authory seems to be doing exactly that with its service for journalists wanting a single point of access for all their published content.Here we begin to edge into GraphQL not competing with REST so much as Firebase.
Scaphold is moving forward with a similar model – focusing on simplifying GraphQL-first apps deployment to Amazon Web Services (AWS) cloud. Early customers include Visa. These services are like Parse or Firebase for GraphQL.
In summary GraphQL maps pretty well to new API-driven models such as serverless. Michael Hunger from Neo4j feels REST is worth retiring. That said, technologies don’t die overnight. REST is hardly going to disappear overnight. But for a class of problems for high scale sites it’s we’re going to see significant adoption of GraphQL. The Google Trends chart at the top of the page shows growing interest in GraphQL and gRPC – GraphQL is blue. GraphQL maps to external consumption of APIs, with gRPC for internal. They’re both clearly spiking in interest.
Let me know if you’re using or considering GraphQL. Certainly chatter is growing, and some very well respected engineers are choosing to run with it.
Google and Neo4J are clients.