All skills
GraphQL
Flexible API query language: request exactly what you need
β¬’ TIER 3Tech
+$15k-
Salary impact
5 months
Time to learn
Medium
Difficulty
6
Careers
TL;DR
GraphQL is a query language and runtime for building type-safe APIs: clients request exactly the data they need instead of fixed REST endpoints. Career path: Practitioner (basic queries/mutations, $95-130k) β Intermediate (schema design, resolvers, subscriptions, $130-170k) β Advanced (Federation, performance optimization, $170-220k) over 4-6 months. Federation enables microservices GraphQL at scale. Key tools: Apollo Server/Client, Hasura, PostGraphile, GraphQL Code Generator. Pricing: typically server-hosted, self-managed or managed services ($0-thousands depending on scale).
What is GraphQL
GraphQL is a query language for APIs, developed by Facebook. Alternative to REST where clients request exactly the data they need. Used by GitHub, Shopify, Airbnb. L1: Query & mutations, Apollo Client
π§ TOOLS & ECOSYSTEM
Apollo ServerApollo ClientRelayurqlGraphQL YogaHasuraPostGraphileGraphQL MeshPothosNexusGraphQL Code GeneratorgqlgenSangriaFederationDataLoader
π Before you start
π° Salary by region
| Region | Junior | Mid | Senior |
|---|---|---|---|
| USA | $95k | $140k | $190k |
| UK | Β£55k | Β£80k | Β£120k |
| EU | β¬60k | β¬85k | β¬125k |
| CANADA | C$100k | C$145k | C$195k |
π Certifications
π― Careers using GraphQL
β Compare with
β FAQ
GraphQL vs REST vs tRPC in 2026 β which should I use?
REST: mature, stateless, caching works out-of-the-box with HTTP. Good for simple CRUD. GraphQL: type-safe, exact data shape, solves overfetching at the cost of query complexity. Best for complex domains (e-commerce, social) where clients need varied data shapes. tRPC: RPC with TypeScript inference, zero-overhead, full end-to-end type safety. Emerging trend for monoliths; not suitable for multi-client ecosystems. For B2C startups: GraphQL (SEO-friendly, client control). For internal tools: tRPC. For massive public APIs: REST.
Federation vs schema stitching β what's the difference?
Schema stitching: old pattern, manually merge schema strings, fragile, requires delegation logic. Federation (Apollo): subgraphs declare entities, @key directives link them, managed at gateway level, type-safe. Federation is the 2026 standard for large orgs. Stitching is legacy; don't start new projects with it.
What is the N+1 problem in GraphQL and how do I fix it?
N+1: resolving 10 users triggers 10 separate DB queries for posts (1 for users + N for posts). Solution 1: DataLoader batches requests (collects all IDs, fetches once, caches). Solution 2: eager loading in the root resolver. Solution 3: push the join into the query (SQL subqueries, Prisma include). Apollo Server integrates DataLoader seamlessly; it's the default tool. Without it, GraphQL can be slower than REST on chatty databases.
How should I cache GraphQL queries on the client?
Apollo Client: normalized cache (entities by ID), automatic deduplication, cache-first/network-only policies per operation. Relay: similar normalized cache, strict conventions. For JSON response caching: set Cache-Control headers on the HTTP response (Apollo Server does this via plugins). Query-level caching: Apollo's built-in policies (cache-first, network-only, no-cache). Server-side: HTTP caching, CDN (Automatic Persisted Queries), Redis for computed fields. Most teams cache at the HTTP layer, not query layer.
Security: query complexity attacks, depth limiting, rate limiting β what do I need?
Depth limiting: reject queries deeper than N levels (prevent nested loops). Complexity scoring: assign cost per field (scalar=1, list=Γ10), reject if total >threshold. Rate limiting: per IP or per user. Timeout: long-running queries kill servers. Cost-aware planning: Shopify's algorithm calculates cost before execution. Start with depth limit (max 10) + complexity analysis + APQ (persisted queries) to restrict to approved ops. Credentials: never expose schema introspection in production. Use authenticated endpoints only.
Is GraphQL declining in 2026?
No, but hype-cycle wisdom applies: REST didn't die, REST + GraphQL coexist. GraphQL dominates for web/mobile clients (Shopify, GitHub, Discord). Microservices discovered Federation solves real problems. REST remains default for simple CRUD and ecosystem tooling. tRPC is capturing monolith mindshare (simpler, less ceremony). For new projects: GraphQL if you have complex client patterns, Federation if multi-team. Single-service startups often skip GraphQL (REST + tRPC faster to market).
How do I handle real-time updates β WebSockets vs polling?
Polling: client asks every N sec, wasteful but simple, works anywhere. WebSockets: persistent connection, server pushes updates, low latency. GraphQL Subscriptions use WebSockets (server sends field updates). Apollo Server supports subscriptions out-of-the-box. For real-time: subscriptions. For occasional updates: polling is fine. For chat/gaming: subscriptions essential. Scaling WebSockets is hard (sticky sessions, PubSub backend). Most teams use third-party (Supabase real-time, Firebase, Socket.io) rather than DIY GraphQL subscriptions.
When should I use code generation (GraphQL Code Generator) vs manual types?
Always use code generation. GraphQL Code Generator watches your schema and operations, generates TypeScript types for queries/mutations/subscriptions. Eliminates mismatch (schema changes, types don't). Pro: queries are type-safe end-to-end, autocomplete on response data. Apollo Client has built-in @graphql-codegen plugin. Takes 5 minutes to set up. If you're writing types by hand, you're doing it wrong.
Not sure this skill is for you?
Take a 10-min Career Match β we'll suggest the right tracks.
Find my best-fit skills βFind your ideal career path
Skill-based matching across 2,536 careers. Free, ~10 minutes.
Take Career Match β free β