Published on

WunderGraph Cosmo: Pioneering Federated GraphQL Security and Data Sovereignty

  • avatar
    Andrew Blase


Are you grappling with the complexities of managing GraphQL services in an enterprise setting? Look no further. WunderGraph Cosmo is here to address these challenges, especially in the realm of security and data sovereignty. In this blog, we'll explore Cosmo's architecture, security features, and much more.

Graph Security

What is WunderGraph Cosmo?

WunderGraph Cosmo is not just another GraphQL service; it's a comprehensive solution designed for modern enterprises. It offers a unique blend of performance, security, and flexibility, making it an ideal choice for businesses of all sizes.

The Architecture of Cosmo

Imagine Cosmo as a well-organized city. In this city, various components work in harmony to ensure smooth operations, much like how Cosmo's architecture is designed to offer a seamless and secure GraphQL experience.

Control Plane: The City Council

The Control Plane is like the city council, responsible for governance and policy-making. It manages the overall configuration, ensuring that all sub-components like federated graphs and routers are working as they should. The Control Plane is the brain of the operation, making high-level decisions that affect the entire system.

A diagram illustrating the role of the Control Plane in Cosmo's architecture

Router: The Traffic Control Center

The Router acts as the traffic control center, directing incoming GraphQL queries to the appropriate destinations. It's responsible for load balancing, caching, and other optimizations. Think of it as the traffic lights and signs that guide cars through the city, ensuring that everything flows smoothly.

A flowchart showing how the Router directs queries in Cosmo

Federated Graphs: The Neighborhoods

Federated Graphs are like the various neighborhoods in the city, each with its own unique characteristics and data. These federated graphs allow Cosmo to break down a large, monolithic GraphQL API into smaller, more manageable pieces. This not only improves performance but also adds an extra layer of security by isolating data sources.

A map showing different Federated Graphs as neighborhoods in Cosmo city

Subgraphs: The Buildings

Within each neighborhood (Federated Graph), there are buildings (Subgraphs). These subgraphs are individual services that contribute to the overall GraphQL API. They can be developed and deployed independently, offering a great deal of flexibility.

By understanding these key components, you'll gain a clearer picture of how Cosmo provides a robust, secure, and efficient GraphQL service. Its architecture is designed to scale with your needs, making it a future-proof solution for enterprises of all sizes.

Security Features

Security is not an afterthought in Cosmo; it's a priority. The architecture and design principles behind Cosmo are geared towards providing an enterprise-grade secure GraphQL experience. Let's delve into some of the key security features that set Cosmo apart.

Federated Graphs: Isolating Data Sources

Federated Graphs in Cosmo act as isolated data sources, much like secure vaults within a bank. Each federated graph can have its own set of security rules, ensuring that sensitive data is not exposed unintentionally. This isolation adds an extra layer of security, making it difficult for unauthorized users to gain access to protected information.

Control Plane: The Security Manager

The Control Plane not only manages the overall configuration but also plays a crucial role in security. It acts as the security manager, enforcing policies and ensuring that all federated graphs and routers are compliant with enterprise security standards. It's like the security guard who checks IDs before allowing entry into a secure facility.

API Keys and Authentication

Cosmo supports API keys and various authentication mechanisms, allowing you to control who has access to your GraphQL services. You can set up roles and permissions, ensuring that users only have access to the data they are authorized to see.


Schema Checks and Composition Errors

Cosmo performs schema checks to prevent malicious queries and composition errors. These checks act as a first line of defense against common GraphQL vulnerabilities, such as Depth Attacks and N+1 Query Attacks.

A schema check in action.

Telemetry for Security Monitoring

The built-in telemetry features in Cosmo allow for real-time security monitoring. You can track queries, mutations, and other activities, providing valuable insights for auditing and compliance.

A dashboard displaying real-time security telemetry in Cosmo

By incorporating these security features, Cosmo offers a robust and secure GraphQL service that meets the stringent requirements of modern enterprises. Whether it's data isolation, access control, or real-time monitoring, Cosmo has got you covered.

Data Sovereignty and Self-Hostability

In today's digital age, data sovereignty has become a critical concern for enterprises. With regulations like GDPR and CCPA, companies are under increasing pressure to ensure that their data is stored and processed in compliance with local laws. This is where Cosmo's self-hostability comes into play, offering a unique solution to these challenges.

What is Data Sovereignty?

Data sovereignty refers to the concept that digital data is subject to the laws of the country in which it is located. For enterprises, this means ensuring that their data is stored in jurisdictions that comply with their legal and business requirements.

Self-Hostability: The Ultimate Control

Cosmo offers the ability to self-host your GraphQL services, giving you complete control over where your data resides. Unlike other solutions that lock you into a specific cloud provider or region, Cosmo's self-hostability allows you to choose the best location based on your data sovereignty needs.

Compliance Made Easy

With Cosmo, compliance with data sovereignty laws becomes a less daunting task. By self-hosting your GraphQL services, you can easily adhere to local regulations, reducing the risk of legal complications and potential fines.

A checklist showing various compliance requirements and how Cosmo addresses them

High Availability and Disaster Recovery

Self-hostability also has the added benefit of high availability and disaster recovery. By hosting your GraphQL services in multiple locations, you can ensure uninterrupted service even in the face of hardware failures or other unforeseen events.

Security and Isolation

Self-hosting with Cosmo means that your data is not mingled with other companies' data. This provides an additional layer of security and isolation, further enhancing Cosmo's enterprise-grade security features.

By offering self-hostability, Cosmo not only provides a solution to data sovereignty challenges but also adds layers of security, compliance, and high availability to your GraphQL services. It's a win-win for modern enterprises looking to take control of their data.

Access Control and Future Plans

Cosmo is not resting on its laurels. Future plans include enhanced access control features, making it an even more secure option for enterprises.

Getting Started with Cosmo

Ready to take the plunge? Here's a simple guide to get you started with Cosmo. All you need is a basic understanding of GraphQL and a sense of adventure.


WunderGraph Cosmo is more than just a GraphQL service; it's a comprehensive solution for enterprise security and data sovereignty. From its robust architecture to its focus on observability, Cosmo is designed to meet the needs of modern enterprises.

Don't just take our word for it. Check out Cosmo for yourself and experience the future of enterprise GraphQL services.

Additional Resources

For those who wish to dive deeper, check out Cosmo's official documentation.

Get twice as much done with a fifth of the code.