Compliance · Variable Export Control

GraphQL variables excluded from traces by default

Cosmo Router strips GraphQL variables from OTEL exports automatically. Enable variable capture only when you need query replay for debugging.

Secure by default. One config flag to enable when debugging.

Available on Free, Pro, Enterprise

The problem

Variables travel further than they should

Most telemetry pipelines capture everything. GraphQL variables carry sensitive data that should not land in your observability platform.

GraphQL variables carry sensitive data

Variables often contain user inputs, authentication tokens, account numbers, and personal identifiers. Capturing them in traces creates compliance exposure.

Default telemetry tools capture everything

Most OTEL instrumentation records all span attributes by default. Variables end up in your observability platform, your SIEM, and your log archives without any filtering.

Debugging still needs exact variable values

Stripping variables entirely breaks query replay. Teams need a way to enable detailed capture for debugging without making it the production default.

Our solution

Secure by default, opt-in for debugging

The Cosmo Router excludes variables from telemetry by default. When a debugging session requires exact query reproduction, one flag enables capture. Production traces stay clean.

How variable export control works

  1. The Cosmo Router processes GraphQL requests and exports telemetry to any OTEL-compatible backend.

  2. By default, the `export_graphql_variables` setting is disabled. Variables are stripped from trace spans before export.

  3. Operation content is also normalized to remove embedded user data from the trace.

  4. When debugging requires exact query reproduction, enable variable export through a single configuration flag or environment variable.

  5. With variable export enabled, variables are captured in trace attributes and available in Cosmo Studio for query replay.

  6. The opt-in approach keeps production traces clean. Debugging sessions can enable capture on demand.

Safe in production. Powerful when you need it.

Variable export control

Before & After

| Before Cosmo | With Cosmo |
| --- | --- |
| Variables captured by default in OTEL traces | Variables excluded from all trace spans by default |
| Sensitive user data visible in observability backends | Security-first telemetry with explicit opt-in for capture |
| Manual filtering rules required to exclude sensitive fields | Automatic exclusion; enable when needed with one config flag |
| Unable to replay queries without enabling global variable capture | Enable variable export in a debug environment; keep prod clean |

Configuration

One flag controls variable capture

```yaml
telemetry:
  tracing:
    export_graphql_variables: true
    # Default: false
```

Environment variable: TRACING_EXPORT_GRAPHQL_VARIABLES. Enable in a dedicated debug environment; keep disabled in production.
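A pre-deploy check for the rule above, as an added example that is not part of Cosmo or its documentation: it reports every place that turns variable capture on and blocks a production rollout if any is found. The `production` label, the set of truthy spellings, and treating either source as enabling (the page does not state precedence between file and environment) are assumptions.

```python
import os
import re
import sys

KEY_PATH = ("telemetry", "tracing", "export_graphql_variables")
ENV_NAME = "TRACING_EXPORT_GRAPHQL_VARIABLES"
# Assumption: conservative superset of spellings a YAML or env parser may read as true.
TRUTHY = {"1", "t", "true", "y", "yes", "on"}

# Constructed sample configs, not taken from a real deployment.
SAMPLE_DEFAULT = "telemetry:\n  service_name: router\n  tracing:\n    enabled: true\n"
SAMPLE_DEBUG = SAMPLE_DEFAULT + "    export_graphql_variables: true  # debug only\n"

def yaml_flag(text, path=KEY_PATH):
    """Return the raw scalar at `path` in block-style YAML mappings, or None."""
    stack = []  # (indent, key) for each mapping level currently open
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()  # drop YAML comments
        m = re.match(r"^( *)([A-Za-z0-9_]+):\s*(.*)$", line)
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3)
        while stack and stack[-1][0] >= indent:
            stack.pop()  # left a deeper or sibling mapping
        stack.append((indent, key))
        if tuple(k for _, k in stack) == path:
            return value.strip().strip("\"'")
    return None

def capture_sources(config_text, environ):
    """List every place that switches variable capture on (empty list = off)."""
    found = []
    value = yaml_flag(config_text)
    if value is not None and value.lower() in TRUTHY:
        found.append("config:" + ".".join(KEY_PATH))
    if environ.get(ENV_NAME, "").strip().lower() in TRUTHY:
        found.append("env:" + ENV_NAME)
    return found

def gate(deploy_env, config_text, environ):
    """Return (ok, sources); capture is only acceptable outside production."""
    sources = capture_sources(config_text, environ)
    return (deploy_env != "production" or not sources), sources

if __name__ == "__main__":
    ok, why = gate(sys.argv[1], open(sys.argv[2]).read(), os.environ)
    print("OK" if ok else "BLOCKED: variable export enabled via " + ", ".join(why))
    sys.exit(0 if ok else 1)
```

Run it as `python gate.py <deploy_env> <router-config.yaml>` in the same environment the router will start with, so an inherited environment variable is caught as well as the file setting.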

How variable export control works in Cosmo Router

01 Process
Full request processed.

The Cosmo Router parses and validates the incoming GraphQL request, including any variables passed with the operation.

02 Normalize
Clean spans by default.

Operation content is normalized to remove embedded user data before any span attribute is written. Variables are excluded unless explicitly enabled.

03 Export
No variable data in exports.

Traces are exported to your OTEL backend with operation name, type, and timing, but without variable values. Sensitive data stays within your application.

04 Replay
Debug on demand, not by default.

When variable export is enabled (opt-in), variables are captured in trace spans and available in Cosmo Studio for exact query reproduction during debugging.

Privacy controls

Safe defaults, deliberate overrides

Variables stay out of telemetry until you say otherwise.

Excluded by default

GraphQL variables are stripped from telemetry exports out of the box. No configuration changes needed for production safety.

Explicit opt-in

One configuration flag or environment variable enables variable capture. The decision is deliberate, not accidental.

Query replay support

When enabled, captured variables feed the Cosmo Studio query replay feature, letting teams reproduce exact production queries for debugging.

GDPR data minimization

Default behavior aligns with GDPR data minimization principles by keeping personal data out of observability systems unless explicitly included.

Keep variables out of your traces

The Cosmo Router excludes GraphQL variables from telemetry by default. Deploy and your traces stay clean.

FAQ

Variable export control on Cosmo Router

Full configuration reference in the compliance documentation.