0
0
GraphQLquery~5 mins

Introspection control in GraphQL

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Introduction

Introspection control lets you decide if people can ask your GraphQL server about its own structure. This helps keep your data safe and your server fast.

You want to hide your GraphQL schema from public users for security.
You want to improve performance by disabling introspection in production.
You want to allow introspection only for trusted developers.
You want to prevent automated tools from exploring your API.
You want to control what parts of the schema are visible to different users.
Syntax
GraphQL
const server = new ApolloServer({
  typeDefs,
  resolvers,
  introspection: true // or false
});
Set introspection to true to allow introspection queries.
Set introspection to false to disable introspection queries.
Examples
This allows anyone to ask the server about its schema.
GraphQL
const server = new ApolloServer({
  typeDefs,
  resolvers,
  introspection: true
});
This blocks introspection queries, hiding schema details.
GraphQL
const server = new ApolloServer({
  typeDefs,
  resolvers,
  introspection: false
});
Sample Program

This GraphQL server has introspection disabled, so clients cannot query the schema structure.

GraphQL
const { ApolloServer, gql } = require('apollo-server');

const typeDefs = gql`
  type Query {
    hello: String
  }
`;

const resolvers = {
  Query: {
    hello: () => 'Hello world!'
  }
};

const server = new ApolloServer({
  typeDefs,
  resolvers,
  introspection: false
});

server.listen().then(({ url }) => {
  console.log(`Server ready at ${url}`);
});
OutputSuccess
Important Notes

Disabling introspection improves security but can make debugging harder.

Consider enabling introspection only in development environments.

Some tools rely on introspection to work properly.

Summary

Introspection control lets you allow or block schema queries.

Use it to protect your API and improve performance.

Toggle with the introspection option in your server setup.