GraphQL Fundamentals

Ask for exactly what you need, get exactly that

Home
Hld Concepts
Communication
Graphql

What is GraphQL?

GraphQL is a query language for APIs that lets clients request exactly the data they need. Unlike REST where you get fixed responses, GraphQL gives you the power to shape your queries.

Simple Analogy

Think of REST like a restaurant menu with fixed meals. You order “Meal #1” and get everything on that plate, even if you only wanted the salad.

GraphQL is like a buffet where you point to exactly what you want: “I’ll have the chicken, rice, and broccoli” - nothing more, nothing less.

Key Concepts

Section titled “Key Concepts”

Single Endpoint - One URL for all operations
Client-Specified Queries - Client decides what data to fetch
Strongly Typed Schema - Schema defines all possible queries
Introspection - Schema is self-documenting
Real-time Subscriptions - WebSocket support for live updates

GraphQL vs REST: The Core Difference

Section titled “GraphQL vs REST: The Core Difference”

REST: Multiple Endpoints, Fixed Responses

Section titled “REST: Multiple Endpoints, Fixed Responses”

1
GET /users/123          → Returns full user object
2
GET /users/123/orders   → Returns all orders
3
GET /users/123/profile  → Returns full profile

Problems:

❌ Over-fetching (get data you don’t need)
❌ Under-fetching (need multiple requests)
❌ Multiple round trips

GraphQL: Single Endpoint, Flexible Queries

Section titled “GraphQL: Single Endpoint, Flexible Queries”

1
query {
2
  user(id: 123) {
3
    name
4
    email
5
    orders {
6
      id
7
      total
8
    }
9
  }
10
}

Benefits:

✅ Fetch exactly what you need
✅ Get related data in one request
✅ Single round trip

GraphQL Schema: The Foundation

Section titled “GraphQL Schema: The Foundation”

Schema defines what data is available and how to query it.

Basic Schema Example

Section titled “Basic Schema Example”

1
type User {
2
  id: ID!
3
  name: String!
4
  email: String!
5
  orders: [Order!]!
6
}
7

8
type Order {
9
  id: ID!
10
  total: Float!
11
  items: [OrderItem!]!
12
}
13

14
type Query {
15
  user(id: ID!): User
16
  users: [User!]!
17
}
18

19
type Mutation {
20
  createUser(name: String!, email: String!): User!
21
  updateUser(id: ID!, name: String): User!
22
}

Type System

Section titled “Type System”

Type	Meaning	Example
`String`	Text	`"John Doe"`
`Int`	Integer	`42`
`Float`	Decimal	`99.99`
`Boolean`	True/False	`true`
`ID`	Unique identifier	`"123"`
`!`	Required (non-null)	`String!`
`[Type]`	Array	`[String!]!`

Queries: Fetching Data

Section titled “Queries: Fetching Data”

Queries are for reading data. They’re like GET requests in REST.

Simple Query

Section titled “Simple Query”

1
query {
2
  user(id: "123") {
3
    name
4
    email
5
  }
6
}

Response:

1
{
2
  "data": {
3
    "user": {
4
      "name": "John Doe",
5
      "email": "john@example.com"
6
    }
7
  }
8
}

Query with Arguments

Section titled “Query with Arguments”

1
query {
2
  users(limit: 10, offset: 0) {
3
    id
4
    name
5
  }
6
}

Query with Nested Data

Section titled “Query with Nested Data”

1
query {
2
  user(id: "123") {
3
    name
4
    email
5
    orders {
6
      id
7
      total
8
      items {
9
        product {
10
          name
11
          price
12
        }
13
        quantity
14
      }
15
    }
16
  }
17
}

This single query replaces multiple REST calls:

GET /users/123
GET /users/123/orders
GET /orders/456/items
GET /products/789

Query with Aliases

Section titled “Query with Aliases”

Get multiple versions of same field:

1
query {
2
  user1: user(id: "123") {
3
    name
4
  }
5
  user2: user(id: "456") {
6
    name
7
  }
8
}

Query with Fragments

Section titled “Query with Fragments”

Reusable field sets:

1
fragment UserInfo on User {
2
  id
3
  name
4
  email
5
}
6

7
query {
8
  user(id: "123") {
9
    ...UserInfo
10
    orders {
11
      id
12
    }
13
  }
14
}

Mutations: Modifying Data

Section titled “Mutations: Modifying Data”

Mutations are for creating, updating, or deleting data. Like POST/PUT/DELETE in REST.

Create Mutation

Section titled “Create Mutation”

1
mutation {
2
  createUser(name: "Jane Doe", email: "jane@example.com") {
3
    id
4
    name
5
    email
6
  }
7
}

Response:

1
{
2
  "data": {
3
    "createUser": {
4
      "id": "456",
5
      "name": "Jane Doe",
6
      "email": "jane@example.com"
7
    }
8
  }
9
}

Update Mutation

Section titled “Update Mutation”

1
mutation {
2
  updateUser(id: "123", name: "John Smith") {
3
    id
4
    name
5
    email
6
  }
7
}

Delete Mutation

Section titled “Delete Mutation”

1
mutation {
2
  deleteUser(id: "123") {
3
    id
4
  }
5
}

Multiple Mutations

Section titled “Multiple Mutations”

Execute multiple mutations in one request:

1
mutation {
2
  createUser(name: "Alice", email: "alice@example.com") {
3
    id
4
  }
5
  createOrder(userId: "123", items: [...]) {
6
    id
7
  }
8
}

Mutation Ordering

GraphQL executes mutations sequentially (in order), but queries can be executed in parallel. This ensures data consistency.

Subscriptions: Real-Time Updates

Section titled “Subscriptions: Real-Time Updates”

Subscriptions provide real-time data using WebSockets.

Subscription Example

Section titled “Subscription Example”

1
subscription {
2
  userUpdated(userId: "123") {
3
    id
4
    name
5
    email
6
  }
7
}

How it works:

Client subscribes via WebSocket
Server sends updates when data changes
Client receives real-time updates

Use Cases

Section titled “Use Cases”

Live chat messages
Real-time notifications
Stock price updates
Collaborative editing
Live dashboards

The N+1 Query Problem

Section titled “The N+1 Query Problem”

The biggest performance issue in GraphQL.

The Problem

Section titled “The Problem”

1
query {
2
  users {
3
    name
4
    orders {  # N+1 problem!
5
      id
6
      total
7
    }
8
  }
9
}

What happens:

Query 1: SELECT * FROM users (gets 100 users)
Query 2: SELECT * FROM orders WHERE user_id = 1
Query 3: SELECT * FROM orders WHERE user_id = 2
… (100 more queries!)

Total: 1 + 100 = 101 queries! 😱

Solution: DataLoader (Batching)

Section titled “Solution: DataLoader (Batching)”

DataLoader batches requests:

How DataLoader works:

Collects all requests in a batch
Waits for next event loop tick
Executes single batched query
Distributes results to individual requests

DataLoader Implementation

Section titled “DataLoader Implementation”

Python
Java

"dataloader_example.py

1
from dataloader import DataLoader
2
import asyncio
3

4
# Create DataLoader for orders
5
order_loader = DataLoader(
6
    batch_load_fn=lambda user_ids: load_orders_for_users(user_ids)
7
)
8

9
async def get_user_with_orders(user_id):
10
    user = await get_user(user_id)
11

12
    # This will be batched!
13
    orders = await order_loader.load(user_id)
14

15
    return {
16
        "user": user,
17
        "orders": orders
18
    }
19

20
async def load_orders_for_users(user_ids):
21
    # Single query for all users
22
    orders = await db.query(
23
        "SELECT * FROM orders WHERE user_id IN ?",
24
        user_ids
25
    )
26

27
    # Group by user_id
28
    orders_by_user = {}
29
    for order in orders:
30
        if order.user_id not in orders_by_user:
31
            orders_by_user[order.user_id] = []
32
        orders_by_user[order.user_id].append(order)
33

34
    # Return in same order as requested
35
    return [orders_by_user.get(uid, []) for uid in user_ids]

"DataLoaderExample.java

1
import org.dataloader.DataLoader;
2
import org.dataloader.DataLoaderRegistry;
3

4
// Create DataLoader for orders
5
DataLoader<Integer, List<Order>> orderLoader = DataLoader
6
    .newDataLoader(userIds -> {
7
        // Batch load orders for all users
8
        return CompletableFuture.supplyAsync(() -> {
9
            List<Order> orders = orderRepository.findByUserIdIn(userIds);
10

11
            // Group by user_id
12
            Map<Integer, List<Order>> ordersByUser = orders.stream()
13
                .collect(Collectors.groupingBy(Order::getUserId));
14

15
            // Return in same order as requested
16
            return userIds.stream()
17
                .map(uid -> ordersByUser.getOrDefault(uid, Collections.emptyList()))
18
                .collect(Collectors.toList());
19
        });
20
    });
21

22
// Usage in resolver
23
public CompletableFuture<List<Order>> getOrders(User user) {
24
    // This will be batched!
25
    return orderLoader.load(user.getId());
26
}

Resolvers: The Implementation

Section titled “Resolvers: The Implementation”

Resolvers are functions that fetch data for each field.

Resolver Structure

Section titled “Resolver Structure”

Python
Java

"resolvers.py

1
from ariadne import QueryType, MutationType
2
from typing import Optional, List
3

4
query = QueryType()
5
mutation = MutationType()
6

7
@query.field("user")
8
def resolve_user(_, info, id: str) -> Optional[dict]:
9
    """Resolver for user query"""
10
    return user_repository.find_by_id(id)
11

12
@query.field("users")
13
def resolve_users(_, info) -> List[dict]:
14
    """Resolver for users query"""
15
    return user_repository.find_all()
16

17
@mutation.field("createUser")
18
def resolve_create_user(_, info, name: str, email: str) -> dict:
19
    """Resolver for createUser mutation"""
20
    user = user_repository.create(name=name, email=email)
21
    return user
22

23
# Field resolvers (for nested fields)
24
def resolve_user_orders(user: dict, info) -> List[dict]:
25
    """Resolver for User.orders field"""
26
    return order_repository.find_by_user_id(user["id"])

"Resolvers.java

1
import com.coxautodev.graphql.tools.GraphQLQueryResolver;
2
import com.coxautodev.graphql.tools.GraphQLMutationResolver;
3

4
@Component
5
public class UserResolver implements GraphQLQueryResolver, GraphQLMutationResolver {
6
    private final UserRepository userRepository;
7

8
    public User user(String id) {
9
        // Resolver for user query
10
        return userRepository.findById(id).orElse(null);
11
    }
12

13
    public List<User> users() {
14
        // Resolver for users query
15
        return userRepository.findAll();
16
    }
17

18
    public User createUser(String name, String email) {
19
        // Resolver for createUser mutation
20
        User user = new User(name, email);
21
        return userRepository.save(user);
22
    }
23
}
24

25
// Field resolver for nested fields
26
@Component
27
public class UserFieldResolver implements GraphQLResolver<User> {
28
    private final OrderRepository orderRepository;
29

30
    public List<Order> orders(User user) {
31
        // Resolver for User.orders field
32
        return orderRepository.findByUserId(user.getId());
33
    }
34
}

When to Use GraphQL vs REST

Section titled “When to Use GraphQL vs REST”

Use GraphQL When:

Section titled “Use GraphQL When:”

✅ Multiple clients with different data needs
✅ Mobile apps where bandwidth matters
✅ Complex relationships between data
✅ Rapidly evolving API requirements
✅ Real-time updates needed (subscriptions)

Use REST When:

Section titled “Use REST When:”

✅ Simple CRUD operations
✅ Caching is critical (HTTP caching)
✅ File uploads (GraphQL handles this poorly)
✅ Simple APIs where over-fetching isn’t a problem
✅ Existing REST infrastructure

Hybrid Approach

Many companies use both! REST for simple operations, GraphQL for complex queries. You don’t have to choose one or the other.

GraphQL Best Practices

Section titled “GraphQL Best Practices”

1. Use Pagination

Section titled “1. Use Pagination”

❌ Bad:

1
query {
2
  users {  # Could return millions!
3
    id
4
    name
5
  }
6
}

✅ Good:

1
query {
2
  users(first: 10, after: "cursor123") {
3
    edges {
4
      node {
5
        id
6
        name
7
      }
8
    }
9
    pageInfo {
10
      hasNextPage
11
      endCursor
12
    }
13
  }
14
}

2. Limit Query Depth

Section titled “2. Limit Query Depth”

Prevent deeply nested queries:

1
MAX_QUERY_DEPTH = 10
2

3
def validate_query_depth(query, max_depth=MAX_QUERY_DEPTH):
4
    depth = calculate_depth(query)
5
    if depth > max_depth:
6
        raise GraphQLError("Query too deep")

3. Use Field-Level Authorization

Section titled “3. Use Field-Level Authorization”

Authorize at field level:

1
@query.field("user")
2
def resolve_user(_, info, id: str):
3
    user = user_repository.find_by_id(id)
4

5
    # Check if user can access email field
6
    if not can_access_field(info, "email"):
7
        user.pop("email")  # Remove email from response
8

9
    return user

4. Implement Query Complexity Analysis

Section titled “4. Implement Query Complexity Analysis”

Prevent expensive queries:

1
def calculate_complexity(query):
2
    complexity = 0
3
    for field in query.fields:
4
        complexity += field.complexity
5
        if field.has_list:
6
            complexity *= field.list_size
7
    return complexity
8

9
if calculate_complexity(query) > MAX_COMPLEXITY:
10
    raise GraphQLError("Query too complex")

5. Use Introspection Wisely

Section titled “5. Use Introspection Wisely”

Disable introspection in production (or limit it):

1
# Disable introspection
2
schema = make_executable_schema(type_defs, resolvers)
3
schema.introspection = False  # In production

LLD Connection: Implementing GraphQL

Section titled “LLD Connection: Implementing GraphQL”

At the code level, GraphQL translates to resolvers, schema definitions, and DataLoader patterns.

Complete Example

Section titled “Complete Example”

Python
Java

"graphql_service.py

1
from ariadne import make_executable_schema, QueryType, MutationType
2
from dataloader import DataLoader
3

4
# Schema definition
5
type_defs = """
6
type User {
7
  id: ID!
8
  name: String!
9
  email: String!
10
  orders: [Order!]!
11
}
12

13
type Order {
14
  id: ID!
15
  total: Float!
16
  items: [OrderItem!]!
17
}
18

19
type Query {
20
  user(id: ID!): User
21
  users: [User!]!
22
}
23

24
type Mutation {
25
  createUser(name: String!, email: String!): User!
26
}
27
"""
28

29
query = QueryType()
30
mutation = MutationType()
31

32
# DataLoaders
33
order_loader = DataLoader(
34
    batch_load_fn=lambda user_ids: load_orders_batch(user_ids)
35
)
36

37
@query.field("user")
38
def resolve_user(_, info, id: str):
39
    return user_repository.find_by_id(id)
40

41
@query.field("users")
42
def resolve_users(_, info):
43
    return user_repository.find_all()
44

45
@mutation.field("createUser")
46
def resolve_create_user(_, info, name: str, email: str):
47
    return user_repository.create(name=name, email=email)
48

49
# Field resolver with DataLoader
50
def resolve_user_orders(user, info):
51
    return order_loader.load(user["id"])
52

53
schema = make_executable_schema(type_defs, [query, mutation])

"GraphQLService.java

1
import graphql.GraphQL;
2
import graphql.schema.GraphQLSchema;
3
import com.coxautodev.graphql.tools.SchemaParser;
4

5
@Component
6
public class GraphQLService {
7
    private final GraphQL graphQL;
8

9
    public GraphQLService(UserResolver userResolver) {
10
        // Schema file: schema.graphqls
11
        GraphQLSchema schema = SchemaParser.newParser()
12
            .file("schema.graphqls")
13
            .resolvers(userResolver)
14
            .build()
15
            .makeExecutableSchema();
16

17
        this.graphQL = GraphQL.newGraphQL(schema)
18
            .queryExecutionStrategy(new BatchedExecutionStrategy())
19
            .build();
20
    }
21

22
    public ExecutionResult execute(String query) {
23
        return graphQL.execute(query);
24
    }
25
}

Key Takeaways

Section titled “Key Takeaways”

🎯 Ask for What You Need

GraphQL lets clients specify exactly what data they need, reducing over-fetching and under-fetching.

⚡ Watch for N+1

The N+1 query problem is GraphQL’s biggest performance issue. Use DataLoader to batch requests.

🔄 Resolvers Fetch Data

Resolvers are functions that fetch data for each field. They’re where your business logic lives.

📊 Schema is Contract

GraphQL schema defines your API contract. It’s self-documenting and strongly typed.

Next Steps

Section titled “Next Steps”

Learn gRPC & Protocol Buffers - high-performance binary protocol
Understand API Gateway Pattern - single entry point for APIs
Master Rate Limiting - controlling API usage

📚 Related Articles

Continue learning with these related topics

Design a Rate Limiter

Design a rate limiter system that restricts the number of requests a user or client can make to an API within a specified time window. The system should support multiple rate limiting algorithms, handle concurrent requests efficiently, and be scalable across distributed environments. Master this medium Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Coffee Machine

Design a coffee machine system that can prepare various beverages (coffee, tea, cappuccino, latte) based on predefined recipes, manage ingredient inventory (coffee beans, milk, water, sugar), allow user customization (sugar level, milk type), monitor ingredient levels with alerts, and handle the dispensing process with proper state management. Master this easy Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Designing a Tic Tac Toe Game

Design a Tic Tac Toe game that allows two players to play on a 3x3 grid. Players take turns placing their symbols (X or O) in empty cells. The game should detect wins (three in a row horizontally, vertically, or diagonally) and handle draws when all cells are filled. Master this easy Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Cache Manager

Design an in-memory cache manager system that supports multiple eviction policies (LRU/LFU), time-to-live (TTL) expiration for cache entries, and thread-safe operations. The system should efficiently manage cache capacity, handle concurrent access, and provide flexible eviction strategies for different use cases. Master this hard Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Feed Generator

Design a feed generator system that aggregates content from multiple sources, ranks posts based on various algorithms, and delivers personalized feeds to users. The system should support different ranking strategies, caching mechanisms, real-time feed updates, and content filtering. Master this hard Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a File Manager

Design a File Manager system that allows users to perform operations such as creating, reading, updating, and deleting files and directories. The system should efficiently manage file metadata, support file chunking for large files, and provide indexing and search capabilities. Master this hard Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Last updated: Jan 6, 2026

Previous
REST API Design Next
gRPC & Protocol Buffers