GraphQL launched from Facebook as open source in 2015. In 2022 it is a mature technology with clear adoption patterns. The enthusiasm of its early years has settled into a pragmatic view of when it provides genuine value.
What GraphQL solves
GraphQL addresses over-fetching (REST returns more data than the client needs) and under-fetching (REST requires multiple requests to assemble a complete view). A single GraphQL query can specify exactly which fields are needed, and can fetch data from multiple resources in one request. For client-heavy applications where the client's data needs vary significantly, GraphQL gives clients control over the data shape without requiring API changes.
The N+1 problem
GraphQL's most common production problem is the N+1 query: a query that fetches a list of items and then makes a separate data source call for each item to fetch a related field. Without mitigation, fetching 100 items with a nested field results in 101 database queries. DataLoader, the solution from Facebook, batches and deduplicates requests. Implementing DataLoader correctly for every resolver that has relational data is non-trivial work that REST endpoints do not require.
When REST is simpler
For simple CRUD APIs where the data shape is consistent and the client is not performance-constrained, REST is simpler to build, test, and cache. HTTP caching (ETags, Cache-Control) works naturally with REST. Caching GraphQL queries requires application-level caching with care about cache invalidation for mutations. For APIs consumed by third parties, REST's predictability and tool support (Swagger, Postman) is a practical advantage.
Federation for large organisations
GraphQL federation, where a gateway composes multiple downstream GraphQL subgraphs into a unified API, addresses the scaling problem that monolithic GraphQL schemas face. Apollo Federation is the most widely used implementation. For organisations with many teams each owning parts of the data model, federation lets each team evolve their schema independently while the gateway presents a consistent API. The operational complexity of maintaining a federated graph is the trade-off.