Backend Developer Forum>Questions/Help

What's the recommended approach for securing GraphQL APIs?

conradwt

conradwt

What's the recommended approach for securing GraphQL APIs?

Hi, I’m building an application that will have support for both the web and mobile. At this time, I’m using PhxGenAuth for authentication on the web. However, it appears that there’s no out-of-the-box support for API authentication.

Thus, I was wondering, what’s the recommended approach for securing GraphQL APIs these days? From the book “Craft GraphQL APIs in Elixir with Absinthe”, it appears that JWTs is a good solution to go with for now.

Finally, are there any recommended Hex authentication packages that support both session and API authentication?

1 comment
#community/phoenix/book-craft-graphql-apis-in-elixir-with-absinthe#graphql
6 926 1

Most Liked

OvermindDL1

OvermindDL1

A header token or a token passed in the message directly are the two ways I most often see.

3
Post #3

Popular Backend topics Top

PragmaticBookshelf
Backend Developer Forum>Learning Resources

Metaprogramming Ruby 2
Dig under the surface and explore Ruby’s most advanced feature: a collection of techniques and tricks known as metaprogramming. Pa...
/rails/ruby#pragprog#published-book/book-metaprogramming-ruby-2
32 1952 8
New
PragmaticBookshelf
Backend Developer Forum>Learning Resources

Test-Driven Development for Embedded C
TDD is a modern programming practice that all C developers need to know. It’s a different way to program—unit tests are written in a tigh...
/c#pragprog#published-book/book-test-driven-development-for-embedded-c
3 1542 1
New
AstonJ
Backend Developer Forum>Questions/Help

Erlang's not installing on macOS Big Sur "You are natively building Erlang/OTP for a later version of MacOSX than current version"
Just done a fresh install of macOS Big Sur and on installing Erlang I am getting: asdf install erlang 23.1.2 Configure failed. checking ...
/erlang#asdf#macos#big-sur
10 5387 8
New
CinderellaMan
Backend Developer Forum>Learning Resources

Create a cryptocurrency trading bot in Elixir (self-published) (book + videos)
Create a cryptocurrency trading bot in Elixir (YouTube videos, ebook pay what you want) <span class="hashtag-icon-placeholder"></span>eli...
/elixir#cryptocurrencies#algorithmic-trading
32 2165 12
New
PragmaticBookshelf
Backend Developer Forum>Learning Resources

Programming Phoenix LiveView
Build highly interactive applications without ever leaving Elixir, the way the experts do. Let LiveView take care of performance, scalabi...
#pragprog/elixir/phoenix#published-book/book-programming-phoenix-liveview
61 2836 14
New
OvermindDL1
Backend Developer Forum>Chat/Discussions

What's special about Rust's Rocket framework
Woooooooo! This is such a huge release for it, and 2 years incoming! In short, the library is now using an updated hyper backend (not j...
/rust/rocket#sticky
20 2685 6
New
First poster: bot
Backend Developer Forum>News

Node.js v14.19.0 released!
Node.js v14.19.0 has been released. Link: Release 2022-02-01, Version 14.19.0 'Fermium' (LTS), @richardlau · nodejs/node · GitHub
github.com
/nodejs#official-news
0 1407 0
New
jeya
Backend Developer Forum>Questions/Help

Pytest: test fails while getting URL
Dear Geeks I am new to pytest. I am following a youtube channel. I am writing the same code. learning to test login functionality of an...
/python#pytest
23 1331 12
New
AstonJ
Backend Developer Forum>Questions/Help

Rails db:create error - PG::ConnectionBad: connection to server on socket "/tmp/.s.PGSQL.5432" failed: FATAL: database "_development" does not exist
If when trying to create (or recreate) your dev db with rails db:create you are getting: PG::ConnectionBad: connection to server on soc...
/rails#troubleshooting
3 1843 0
New
PragmaticBookshelf
Backend Developer Forum>Learning Resources

Jetpack Compose 1.6 Essentials
Create Android applications using Jetpack Compose 1.6, Android Studio, Material Design 3, and the Kotlin programming language. Neil...
/kotlin#android#pragprog#published-book#book-jetpack-compose-1-6-essentials
1 590 0
New

Other popular topics Top

Devtalk
General Dev Chat

What dev-related stuff have you been up to?
Reading something? Working on something? Planning something? Changing jobs even!? If you’re up for sharing, please let us know what you’...
#community
1017 16927 374
New
malloryerik
Frontend Developer Forum>Chat/Discussions

Svelte - what do you think about it?
Any thoughts on Svelte? Svelte is a radical new approach to building user interfaces. Whereas traditional frameworks like React and Vue...
#opinions/svelte
54 3345 17
New
DevotionGeo
Backend Developer Forum>Questions/Help

Can someone explain the -t option/flag in docker run command?
I know that -t flag is used along with -i flag for getting an interactive shell. But I cannot digest what the man page for docker run com...
#docker
7 6794 2
New
AstonJ
Code Editors

Onivim 2 Code Editor
Thanks to @foxtrottwist’s and @Tomas’s posts in this thread: Poll: Which code editor do you use? I bought Onivim! :nerd_face: http://on...
#code-editors/onivim/revery
88 5109 32
New
AstonJ
Hardware

BIIP MT3 Extended 2048 Custom Keycap Set (Drop)
This looks like a stunning keycap set :orange_heart: A LEGENDARY KEYBOARD LIVES ON When you bought an Apple Macintosh computer in the e...
/keyboards#apple#mechanical-keyboards#keycaps
14 5805 7
New
PragmaticBookshelf
In The Spotlight

Spotlight: Noel Rappin (Author)
“Finding the Boundaries” Hero’s Journey with Noel Rappin @noelrappin Even when you’re ultimately right about what the future ho...
#author-spotlight#web-development/rails/book-modern-front-end-development-for-rails/book-rails-5-test-prescriptions
34 3654 21
New
PragmaticBookshelf
In The Spotlight

Spotlight: Paolo Perrotta (Author)
“A Mystical Experience” Hero’s Journey with Paolo Perrotta @nusco Ever wonder how authoring books compares to writing articles?...
#community#author-spotlight/book-programming-machine-learning/book-metaprogramming-ruby-2
31 3374 15
New
First poster: joeb
In The News

Safari now supports File System Access API with private origin
The File System Access API with Origin Private File System. WebKit supports new API that makes it possible for web apps to create, open,...
webkit.org
#safari#api
43 2807 21
New
AstonJ
macOS Developer Forum>Chat/Discussions

How to block any website on Mac using Little Snitch
If you want a quick and easy way to block any website on your Mac using Little Snitch simply… File &gt; New Rule: And select Deny, O...
#macos#littlesnitch#how-to
5 7401 3
New
PragmaticBookshelf
In The Spotlight

Spotlight: Karl Stolley (Author) Interview and AMA!
Author Spotlight: Karl Stolley @karlstolley Logic! Rhetoric! Prag! Wow, what a combination. In this spotlight, we sit down with Karl ...
#author-spotlight/book-programming-webrtc
31 3552 16
New
Back to top

Latest in Backend

Symfony v7.3.0-BETA1, v7.2.6 and v6.4.21 released!
Backend News
Ruby: CVE-2025-43857: DoS vulnerability in net-imap
Backend News
V weekly.2025.18 released!
Backend News
Kotlin v2.1.21-RC2 released!
Backend News
Quarkus 3.22.1 and 3.22.0 released!
Backend News
PostgreSQL: pgAdmin 4 v9.3 Released
Backend News
Kotlin v2.2.0-Beta2 released!
Backend News
Kotlin: Structuring Ktor Projects Using Domain-Driven Design (DDD) Concepts: A Step-by-Step Guide With a Minimalistic CRM
Backend News
PostgreSQL: pgDay Lowlands in Rotterdam - Call For Presentations (CfP) Closing Soon, and the Call for Sponsors is Open!
Backend News
Crystal 1.16.2 is released!
Backend News
PostgreSQL: pg_auto_reindexer v1.4 released
Backend News
Crystal 1.16.2 released!
Backend News
How to Use Kotlin Notebooks for Productive Development
Backend News
PostgreSQL: Streaming Data into Postgres with Estuary
Backend News
Clojure: Introducing core.async.flow
Backend News
Django: New Features GitHub repo and project
Backend News
V weekly.2025.17 released!
Backend News
Julia v1.12.0-beta2 released!
Backend News
Clojure Deref (Apr 25, 2025)
Backend News
R: Sensitivity to C math library and mingw-w64 v12
Backend News

View all threads ❯

Latest (all)

CentOS: Release the Quokka
Linux News
Offline-First with CouchDB and PouchDB in 2025
In The News
LLMs for Engineering: Teaching Models to Design High Powered Rockets
In The News
AI suggestions make writing more generic, Western | Cornell Chronicle
In The News
Owen Le Blanc: creator of the first Linux distribution
In The News
Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages
In The News
Zoho Halts $700 million Semiconductor Plan
In The News
Symfony v7.3.0-BETA1, v7.2.6 and v6.4.21 released!
Backend News
openSUSE: Tumbleweed Monthly Update - April 2025
Linux News
Creating Beautiful Charts with JRuby and JFreeChart
Frontend In the News
When ChatGPT Broke an Entire Field: An Oral History | Quanta Magazine
In The News
AI Code Review: Should the Author Be The Reviewer?
In The News
Claude can now connect to your world
In The News
Why Fivetran and Census are joining forces | Blog | Fivetran
In The News
React Native v0.79.2 released!
Hybrid News

View all threads ❯

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Member of the Month

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that'll move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

Categories:

Popular Portals

Devtalk Sponsors

Pragmatic Bookshelf

Practical resources that improve the lives of professional developers.

Erlang Solutions

We build trusted fault-tolerant systems that scale to billions of users.

Manning Publications

Develop your skills with books, videos, and courses.

AppSignal

Catch errors, track performance, monitor hosts and more.

WyeWorks

Enabling companies to succeed by building software people love.

Pragmatic Studio

Courses that'll move you from confusion to "Aha, now I get it!"

View all our sponsors ❯

We're in Beta

About us Mission Statement See our Roadmap