apollographql · goto-bus-stop · Aug 16, 2024 · Aug 15, 2024 · Aug 16, 2024
@@ -4,6 +4,12 @@ subtitle: Restrict access to credentialed users and systems
 description:  Protect sensitive data by enabling JWT authentication in the Apollo GraphOS Router. Restrict access to credentialed users and systems.
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 <PremiumFeature linkWithAnchor="https://www.apollographql.com/pricing#graphos-router" />
 
 Authentication is crucial to prevent illegitimate access and protect sensitive data in your graph. The GraphOS Router supports request authentication and key rotation via the [JSON Web Token](https://www.rfc-editor.org/rfc/rfc7519) (**JWT**) and [JSON Web Key](https://www.rfc-editor.org/rfc/rfc7517) (**JWK**) standards. This support is compatible with popular identity providers (**IdPs**) like Okta and Auth0.

@@ -5,6 +5,12 @@ description: Secure communication to AWS subgraphs via the Apollo GraphOS Router
 minVersion: 1.27.0
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 The GraphOS Router and Apollo Router Core support subgraph request authentication and key rotation via [AWS Signature Version 4](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) (SigV4).
 
 This allows you to secure communication to AWS subgraphs by making sure a subgraph request was made by the router, and the payload hasn't been tampered with.

@@ -5,6 +5,12 @@ description: Prevent cross-site request forgery (CSRF) attacks in the Apollo Gra
 minVersion: 0.9.0
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 ## About CSRF
 
 [Cross-site request forgery (CSRF)](https://owasp.org/www-community/attacks/csrf) attacks use side effects of ["simple"](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests) requests to execute GraphQL operations from requests sent by sites that shouldn't be allowed to communicate with your server, based on the [CORS policy](./cors/) of your GraphOS Router or Apollo Router Core.

@@ -6,6 +6,12 @@ description: Distributed caching for GraphOS Router with GraphOS Enterprise. Con
 
 import RedisTLS from '../../shared/redis-tls.mdx'
 
+<SummitCallout
+  topic="graph performance"
+  workshopName="Better, faster, stronger: Advanced configurations to boost your router performance"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947098784001VPCx"
+/>
+
 <EnterpriseFeature linkWithAnchor="https://www.apollographql.com/pricing#graphos-router" />
 
 If you have multiple GraphOS Router instances, those instances can share a Redis-backed cache for their query plans and automatic persisted queries (APQ). This means that if _any_ of your router instances caches a particular value, _all_ of your instances can look up that value to significantly improve responsiveness. For more details on query plans and APQ, see the article on [in-memory caching](./in-memory-caching).
@@ -162,4 +168,4 @@ When active, the `required_to_start` option will prevent the router from startin
 
 ### Reset TTL
 
-When this option is active, accessing a cache entry in Redis will reset its expiration.
+When this option is active, accessing a cache entry in Redis will reset its expiration.
@@ -5,6 +5,12 @@ description: Subgraph entity caching for GraphOS Router with GraphOS Enterprise.
 minVersion: 1.40.0
 ---
 
+<SummitCallout
+  topic="graph performance"
+  workshopName="Better, faster, stronger: Advanced configurations to boost your router performance"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947098784001VPCx"
+/>
+
 <EnterpriseFeature />
 
 <PreviewFeature />

@@ -4,6 +4,12 @@ subtitle: Configure router caching for query plans and automatic persisted queri
 description: Configure in-memory caching for improved performance in Apollo GraphOS Router or Apollo Router Core. Configure query plans and automatic persisted queries caching.
 ---
 
+<SummitCallout
+  topic="graph performance"
+  workshopName="Better, faster, stronger: Advanced configurations to boost your router performance"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947098784001VPCx"
+/>
+
 Both GraphOS Router and Apollo Router Core use an in-memory LRU cache to store the following data:
 
 - [Generated query plans](#caching-query-plans)

@@ -4,6 +4,12 @@ subtitle: Set constraints on depth, height, aliases, and root fields
 description: Ensure your GraphQL operations are secure with GraphOS Router's operation limits. Set constraints on depth, height, aliases, and root fields.
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 <EnterpriseFeature linkWithAnchor="https://www.apollographql.com/pricing#graphos-router" />
 
 You can define **operation limits** in your router's configuration to reject potentially malicious requests. An operation that exceeds _any_ specified limit is rejected (unless you run your router in [`warn_only` mode](#warn_only-mode)).

@@ -5,6 +5,12 @@ description: Secure your federated GraphQL API by creating an allowlist of trust
 minVersion: 1.25.0
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 <EnterpriseFeature linkWithAnchor="https://www.apollographql.com/pricing#graphos-router" />
 
 <PQIntro />

@@ -6,6 +6,12 @@ description: Observe and monitor the health and performance of GraphQL operation
 
 import TelemetryPerformanceNote from '../../../shared/telemetry-performance.mdx';
 
+<SummitCallout
+  topic="telemetry"
+  workshopName="Debugging your business with GraphOS Router advanced telemetry"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1722260608290001gftE"
+/>
+
 In this overview, learn about:
 - How GraphOS Router and Apollo Router Core telemetry enable supergraph observability and debuggability
 - What data is captured in the router's logs, metrics, and traces

@@ -5,6 +5,12 @@ description: Protect your graph from malicious or demanding clients with Apollo
 minVersion: 1.48.0
 ---
 
+<SummitCallout
+  topic="graph security"
+  workshopName="Securing your graph: A defense-in-depth strategy"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712945157460001NjSZ"
+/>
+
 <EnterpriseFeature />
 
 <PreviewFeature>

@@ -5,6 +5,12 @@ description: Configure your router to support GraphQL subscriptions, enabling cl
 minVersion: 1.22.0
 ---
 
+<SummitCallout
+  topic="federated subscriptions"
+  workshopName="Realtime data across your graph with federated subscriptions"
+  URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947533686001PnBR"
+/>
+
 <PremiumFeature>
 
 **For self-hosted routers, subscription support is an [Enterprise feature](../enterprise-features/).**