Are there server side validation directives for GraphQL?

Hi Team,

Are there any directives, that would restrict client from sending bad data to auto generated GraphQL Endpoint?

For example: Restricting client from setting a bad email, phone number, postal code, “Username should be minimum of 3 characters long”, or “Message should be 30 characters at least”

@regex directive on a mutation perhaps?

As it can be useful in cases where:

  1. Either I mess up and don’t have client side validation or
  2. If front end is compromised and people spam bad data into back-end or
  3. Someone uses postman kind of tool which doesn’t have client side validation.

Hey @abhijit-kar,
Currently we don’t have this feature in GraphQL. But we’re planning to add a directive like @validate or @constraint that’ll enable validation for scalar/list fields. (min/max/includeMin/includeMax) for Int/Float/DateTime/list and (min/max length, regex) for String.

2 Likes