Expand my Community achievements bar.

Introducing Adobe LLM Optimizer: Own your brand’s presence in AI-Powered search and discovery
Learn More

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

GraphQL security & scalable way in AEM?

Avatar

Level 7
Level 7
12/29/22 3:44:36 PM

I understand whenever someone is making a GraphQL query request to AEM, the publishers will be hit with some load time. What happens if someone decides to spam the GraphQL query request?

 

is there a secure way to safeguard the GraphQL query request from being spammed?

How about caching? How does AEM cache GraphQL query requests?

Views

771

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 4
Level 4
12/29/22 9:24:33 PM

Hi @SupportMember ,

 

Yes, you can safeguard your graphQL queries by implementing the following:

  1. Rate Limiting: You can use rate limiting to limit the number of GraphQL query requests that can be made to your AEM instance within a certain timeframe.
  2. Throttling: You can use throttling to limit the number of GraphQL query requests that can be made concurrently to your AEM instance
  3. Captcha(For Bot protection only): You can use a Captcha to verify that the request is being made by a human, rather than a bot. 

You can also go for persisted graphQL option if you want to cache the query results.A persisted query is a GraphQL query that has been stored in a server-side cache. This allows clients to send an ID in place of the full query text, reducing the amount of data sent over the network and potentially improving performance. You can find more about it here - https://experienceleague.adobe.com/docs/experience-manager-learn/getting-started-with-aem-headless/g...

 

Thanks,

Monendra

View solution in original post

Views

750

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Level 4
Level 4
12/29/22 9:24:33 PM

Hi @SupportMember ,

 

Yes, you can safeguard your graphQL queries by implementing the following:

  1. Rate Limiting: You can use rate limiting to limit the number of GraphQL query requests that can be made to your AEM instance within a certain timeframe.
  2. Throttling: You can use throttling to limit the number of GraphQL query requests that can be made concurrently to your AEM instance
  3. Captcha(For Bot protection only): You can use a Captcha to verify that the request is being made by a human, rather than a bot. 

You can also go for persisted graphQL option if you want to cache the query results.A persisted query is a GraphQL query that has been stored in a server-side cache. This allows clients to send an ID in place of the full query text, reducing the amount of data sent over the network and potentially improving performance. You can find more about it here - https://experienceleague.adobe.com/docs/experience-manager-learn/getting-started-with-aem-headless/g...

 

Thanks,

Monendra

Views

751

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Image were not loading in column View/list view in Dam asset folder.

Views

34

Likes

0

Replies

0
Sitemap Generation in Headless AEM Setup — AEM vs. Frontend App (React)

Views

38

Likes

0

Replies

0
Delete asset step in aem wf

Views

50

Likes

0

Replies

1
System user creation in AEM LTS/AEM 6.6

Views

47

Like

1

Replies

1
Enabling Basic Authentication on AEM Publish for a Public URL for Lower Environments

Views

52

Likes

0

Replies

1