June 17, 2021

Announcing GraphCDN, the CDN for GraphQL APIs

Your GraphQL ClientYour GraphQL BackendEdge Cachequery{...}{...}mutationSmart Purging

Scaling and securing GraphQL APIs has always been a struggle in our projects.

As much as we love GraphQL for allowing us to ship good products very quickly, no traditional CDN can cache GraphQL APIs. We had to build custom caching solutions from scratch, which distracted us for weeks and the caches never worked as well as we needed them to.

That's why we created GraphCDN.

GraphCDN is the CDN for your GraphQL API. We want to give you the peace of mind for your GraphQL API that we wished we had with:

Today, we're excited to announce that GraphCDN is available for everybody! 🎉

Free up to 5M req/mo · No CC required

Feature Overview

GraphQL Edge Cache

GraphCDN caches your GraphQL query results at our 60 data centers worldwide and gives you fine-grained control over your cache behavior. You can configure everything at a GraphQL type- and even field-level, for example, "Cache any query result that contains a Post for 900 seconds" or "Don't cache any query result that contains an APIToken".

What really makes the GraphCDN edge cache shine is the automatic mutation invalidation. The gateway detects when mutations change some object, for example editUser(id: 5), and automatically invalidates any cached query results that contain that object!



GraphCDN's edge cache can also cache sensitive data per authenticated user, works perfectly with POST requests, supports stale-while-revalidate, and even exposes a custom cache invalidation GraphQL API for your service (e.g. mutation purgeUser(id: 5)).

GraphQL Analytics & Error Tracking

GraphCDN also gives you detailed analytics for your GraphQL API. Imagine Google Analytics for GraphQL: it helps you understand how your GraphQL API is used, how it behaves with your traffic levels and what the experience is like for your users. It's also helpful to debug your cache hit rate and check on your origin server's performance down to the specific query:

On top of that, GraphCDN tracks all the HTTP and GraphQL errors your origin server responds with so you can debug customer issues better and faster. Not only that, but when the level of errors rises above the normal baseline, GraphCDN automatically sends you email alerts so you can stay on top of them!

GraphQL Security

Finally, GraphCDN also protects your GraphQL API for you. While the flexibility of GraphQL is fantastic for developers, it also opens up new attack vectors for malicious actors that traditional CDNs aren't equipped to handle.

One of the most common attacks is sending deeply nested queries to overload the server and/or database. For example, imagine a CMS with a Post that has Comments that has an Author:

query maliciousQuery {
allPosts {
comments {
author {
posts {
comments {
# ...repeat times 10000...
}
}
}
}
}
}

DataLoader can prevent some of these queries from taking up too many server resources, but not all of them. GraphCDN comes with query depth limiting out of the box: it analyses incoming queries and blocks them if they are nested too deeply. Since GraphCDN sits at the edge, your origin server will never have to deal with these malicious queries!

We have plans for further security features that could be useful for everybody, including rate limiting and complexity analysis, as well as a bunch of other ideas. Check out the feature requests and vote for what you would like to see next!

We're very excited to open up GraphCDN for everybody today and hope it gives you some well deserved peace of mind for your GraphQL API. If you have any questions, ping us anytime at support@graphcdn.io — we're here to help!

Free up to 5M req/mo · No CC required

About Us

GraphCDN was co-founded by Tim Suchanek and Max Stoiber. Tim is the creator of the graphql-playground and graphql-request, and was the first employee at Prisma (née GraphCool). Max co-created react-boilerplate and styled-components, and previously co-founded Spectrum, which was acquired by GitHub in 2018.

GraphCDN is backed by industry-leading angel investors, including Guillermo Rauch (CEO, Vercel), Tom Preston-Werner (co-founder, GitHub), Andreas Klinger (CTO, On Deck), Matt Biilmann and Christian Bach (Co-CEOs, Netlify), Jason Warner (CTO, GitHub), Nicolas Dessaigne (co-founder, Algolia), and many others.

Learn more about us