Blog
Get the latest news on how products at WunderGraph are built, technologies are used, and join the teams helping to build a better landscape of API integration.
Per-Tool OAuth Scopes for MCP, Derived from Your Schema
Enforce per-tool OAuth scopes on MCP servers using your GraphQL schema. AI agents get least-privilege access with automatic scope step-up — no BFF needed.
Ahmet Soormally
MCP Scope Step-Up Authorization: From Implementation to Spec Contribution
Cosmo's MCP server already exposes your graph as AI-ready tools. When we added per-tool OAuth scope step-up authorization so clients don't need a god token, we hit an infinite loop. The root cause: a gap between the MCP spec and RFC 6750 on scope challenges, plus SDK behavior that overwrites scopes instead of accumulating them. Here's what we found and how we're approaching it.
Ahmet Soormally
Managing Permissions in Cosmo Just Got Easier with Groups
Manage access with precision in Cosmo. Groups let you control who can view, publish, or deploy, across users and API keys, in one centralized system.
Wilson Rivera
From Interview Task to Production Feature
The story of how an interview assignment turned into a real feature and became my first open-source contribution to Cosmo.
Akshay Garg
Scaling GraphQL Schema Usage to billions of requests per day
See how Cosmo’s cloud architecture scales GraphQL observability with Kafka, ClickHouse & regional load balancing for enterprise reliability.
Dustin Deus
Serverless GraphQL Federation Router for AWS Lambda
Deploy GraphQL Federation on AWS Lambda with Cosmo’s serverless router. Small, fast, OpenTelemetry-ready, and built for real-world performance.
Dustin Deus
From 26 Minutes to 20 Seconds: Using pprof to optimize large GraphQL Operations in Go
How we reduced the executing time of a huge GraphQL operation using Golang's profiling tools
Alberto García Hierro
