Why GraphQL? From RESTful to the Future

While GraphQL may be popular among developers, many companies are left wondering if it's really the next iteration of APIs beyond REST. The surge in GraphQL adoption comes as most software teams look towards API tools that are easy to use and easy to implement. The benefits of GraphQL reach far beyond IT teams, however, to the entire organization.

Let’s look at what GraphQL is, why it’s an improvement over REST in some ways, and how organizations can benefit from GraphQL adoption.

GraphQL Explained

GraphQL is a standard for APIs that dictates how requests and responses are communicated over the internet — much like REST APIs — but goes beyond this by also defining a standard querying language for interacting with the actual data. A traditional REST API requires the developer to know where resources are located in the backend and to request data using specific endpoints.

With GraphQL, however, developers describe the data they want to receive without needing to know anything about the backend systems. Developers request what data they want instead of where the data they want is. GraphQL, therefore, is a more intuitive approach to data sharing between systems.

GraphQL vs. REST

Let’s look at some of the ways that GraphQL is an improvement over the traditional REST approach to APIs.

API Standardization

The greatest challenge many IT teams are facing with the proliferation of APIs is the lack of standardization. Every REST API has its own implementation of requests, responses, endpoints, security, throttling, and more. This makes it challenging and time-consuming for developers to learn and work with new REST APIs.

GraphQL eliminates much of the learning curve by standardizing API interactions. Not only is there a standardized querying language, but GraphQL servers are self-documenting. That means developers can quickly understand, use, and keep up to date with the latest version of an API. GraphQL, therefore, offers a better developer experience and improves the productivity of IT teams.

Efficient Requests

With GraphQL, there’s less risk of Over Fetching or Under Fetching data. Since developers have less control over the response with REST APIs, there’s a chance that more data than necessary will be given in the response. Over Fetching wastes bandwidth and can lead to slower responses that impact the user experience. Under Fetching — when developers need to make many APIs to get all the data they need — can slow content delivery as well because it takes longer for multiple API calls to complete.

Developers avoid this issue with GraphQL by requesting and receiving exactly the data they need. Efficient API requests reduce payloads and network overhead. GraphQL, therefore, can speed up the delivery of content while reducing the cost of computing resources.

Front-end Control

Building a standard REST API requires close collaboration between front-end and back-end developers to design, test, and update the solution. As new features are needed or data requirements change, front-end developers rely on back-end developers for API updates.

GraphQL empowers front-end developers to request the specific data they need from the back-end. The introspective or self-documenting nature of GraphQL means there’s no back and forth between development teams over the specific fields and parameters needed in requests and responses. GraphQL, therefore, makes it easier for front-end developers to prototype new apps and iteratively develop existing software.

Enhanced Security

Security is paramount for APIs, but many REST APIs lack best practices. Developers using REST APIs, for example, need to make an effort to avoid SQL injection and data leakage. If the API doesn’t properly validate requests on the back-end then malicious code could be injected into database calls. There’s also the chance that back-end developers can update the API and front-end developers unknowingly leak data.

GraphQL has a strongly-typed querying language that limits the risks of SQL injection. Unlike most REST APIs built atop SQL databases, GraphQL has built-in data validation against a scheme. In addition, developers request only the data they need, so there’s a reduced chance of unwanted data leaking into responses. That’s why GraphQL is more secure than many RESTful API implementations.

The Benefits of GraphQL For Organizations

GraphQL may have technical improvements over REST APIs, but let’s look at the benefits of adopting GraphQL from a business and marketing standpoint. 

Easier to Hire Developers

With RESTful API development, you need to hire developers with experience using specific back-end technologies like Java, Python, SQL, or MongoDB. This limits the potential talent pool and makes hiring developers more expensive. GraphQL, however, is straightforward to learn and doesn’t require knowledge of these back-end systems and technologies. That means it’s easier to hire or train GraphQL developers at a lower cost.

Shorter Time to Market

Designing and developing an API can be a time-consuming process. Choosing the technologies to build the API with, determining the structure of API requests and responses, and implementing other best-practices are challenging. That’s because it’s difficult to predict what the API user will need ahead of time. GraphQL eliminates all of this with its standardized querying language and execution runtime that’s straightforward to connect with datastores.

Faster Marketing Campaigns

When it’s easier to find developer talent and launch APIs faster, then marketers have more resources for their marketing campaigns. Digital marketing teams can choose to bring their brand presence to new channels and devices, while developers will have the expertise and resources to quickly build new front-end applications. That means GraphQL makes both marketing teams and development teams more digitally agile.

CrafterCMS Supports Both REST and GraphQL

CrafterCMS supports both REST and GraphQL out of the box. The best part is that you can use the API best suited for your task at hand. Crafter does not sit atop a traditional SQL database, so its native REST APIs do not suffer from some of the inherent security limitations noted above. Starting with CrafterCMS v3.1, you can continue using REST APIs for your system integrations and content delivery, move to GraphQL, or use a combination of both based on specific use-cases. Even better, both Crafter’s REST and GraphQL APIs are extensible by developers using the Groovy scripting language.

GraphQL brings enormous benefits to organizations from cheaper development to greater technological innovation and adaptability. At Crafter, we believe GraphQL is the future for omnichannel content delivery. For a deeper dive into the technical aspects of GraphQL, see Is GraphQL the Next API Standard for CMS?