There is a recent rise of
GraphQL API Backend as a Service or I am noticing it late or something, but it is useful. Ok let’s discuss it now.
Why call it GraphQL API Backend as a Service ?
You may ask me why it is called
GraphQL API Backend as a Service and simple not
Backend as a Service because in most of the cases it is not supposed to be your backend but it is just supposed to a part of backend.
GraphQL API Backend as a Service, GraphQL plays an important role of query language for APIs as it is what allows discovery of schema and makes it all more efficient as standardizes it for clients instead of developing SDKs for each and every platform.
We will call
GraphQL API Backend as a Service it GABS in this article for sake of simplicity.
What is GraphQL API Backend as a Service ?
GABS is a layer of abstraction over your database ( usually Postgres ) it creates CRUD and Aggerate Queries which can be used by client and exposes it in GraphQL endpoint. It is done by pointing the GABS to your database and in most cases it introspects it and creates a API in seconds automatically. It discovers relationships and stuff on its own.
Now a days there are a lot of breaches and ransomware stuff. The one I’m interested to share in this case is CIA email hijacked when the malicious actor used it send emails to many people which he was not supposed to have permissions for, thankfully he did it for fun and not with some malicious intent.
So what I’m trying to highlight is Authorization is one of the most important thing in an application be it from CIA, NIA or from a young start up, and this is the part where GABS shine. There offer a very detailed and powerful RBAC ( Role Based Access Control) which protects your data from malicious users and by default it is locked and no one has access to it.
In GABS you can do something like,
Allow user to read blogs where,
blogs.user_id == X-Application-JWT-Key-User-ID
allow read with aggregate read queries.
GABS use JWT for Authentication and Authorization. You create role with assigned permissions in
yaml files or in dashboards and add that role to JWT (this depends on GABS you use).
Most of the GABS don’t handle Authentication ( SignUp / SignIn ) stuff for you as it may varier from your needs, or you may be using something like Auth0, Cognito or your custom Auth Solution. What GABS handle is Authorization ( user permissions and access control) stuff and does it extremely well.
Custom Business Logic.
Custom business logic is what matters and here is where GraphQL shines you can create a GraphQL server with custom business logic and stich it with GABS and most of them provide this feature out of the box and if you are using some GABS that doesn’t provide support for it out of the box you can use third party open source solutions like Applo Federation.
Some GABS like Hasura will also allow you to create custom queries and mutation in their dashboard and foreword it to your Rest Endpoint which open the possibility to use serverless stuff.
Well this is the part I like to most about GABS. Real time is hard, for most of the people (including for me). GABS just democratizes it by handling real-time stuff by itself and provides it in a Graphql Subscriptions form for consumption by clients (web, apps, etc).
Why to use GABS in the first place ?
Well this is one of the most important question to answer. So let’s do it.
1. Removes boring part from software development
Whenever we start a new project we do the boring CRUD stuff again and again, this created a need to automate this boring process and which till now had been done by frameworks like Ruby on Rails which do most of the stuff with simple commands, but now we want authorization and authentication build in so to fullfil these need projects like Hasura, Graphjin and Supabase have come along which allow you to create backend without even touching the code.
2. Increases project shipping speed
Nowadays speed of shipping product is what matters, and these do this thing the best by creating APIs withins minutes instead of days so you can iterate over your product faster and make a difference in world with your quickly or at least gain more market share then your competitor.
3. Reduced Cost of Development
We need less developers so cost of the product development is reduced which can be passed further to consumer which would inturn be more happy.
4. Allows you to focus on business part.
It allows you to focus on code that powers business rather than CRUD.
Tell me some GABS.
Ok till this point you should be convinced to use GABS or at least give it a try so here is a list of them.
It is a open source project developed by Hasura, Inc. They are leader in the space and has recently launched a managed version. They also have a cool Dashboard which can do all operations.
Hasura is also written in rather interesting language Haskell ( a functional language ). They support multiple databases and at the time of writing this they support PostgreSQL, Microsoft SQL Server, AWS Aurora, Google Bigquery and plan to support Oracle, MongoDB, MySQL and Elastic soon.
It is same as Hasura but written in Go ( It is super fast language ) by a Ex-LinkedIn Engineer and it is not a startup as it states on its website. It is licensed under open source Apache 2.0 License.
The project writer told on Discord recently that they are developing Admin Interface so in near future you will be able to do all the things from Admin Console itself. Graphjin at the time of writing this supports Postgres and have no plan to support other databases.
It is somewhat diffrent from Hasura and Graphjin as it is not a septate program which creates a layer of abstraction between database and clients, but instead it is a Postgres extension.
Supabase aims to be a open source firebase alternative and it is build on top of Postgres, KongAPI Gateway and other open source projects. It has its own SDKs for clients and it handles stuff both on Database with extensions and on the application developed by it. What gives it a spot on this list is it recently announced support for GraphQL.