Build

Cosmo has everything you need to build monolithic & federated GraphQL APIs. At the core of Cosmo is the Schema Registry to manage your GraphQL schemas. Cosmo supports both v1 and v2 of the GraphQL Federation specification and comes with a powerful router to handle all your federation needs.


The version control for your GraphQL schemas. It always ensures the latest valid state is used to compose your federated graphs.
Publish schemas to the registry
Publish schemas to the registry

Support for Monographs, Federation v1 & v2

Publish schemas that are compatible with both versions of Federation. All your existing GraphQL Services will work out of the box. Any framework, any language. More info on what features are supported in v1 and v2 can be found in the Compatibility Matrix.

Schema Checks

Schema Checks are in integral part of the Cosmo Schema Registry. With Checks, you can govern the quality of your schemas and avoid publishing broken schemas. Cosmo performs checks in four different categories:

  • Composition Checks
  • Breaking Change Detection
  • Client Traffic Checks
  • Linting Checks

Composition Checks ensure that a change in a subgraph does not break the composition of the federated graph. Breaking Change Detection ensures that a change in a subgraph does not introduce a breaking change. Client Traffic Checks take the result of breaking change detection and validate it against real client traffic, allowing you to skip breaking changes that are not breaking any clients. Linting Checks allows you to enforce a certain schema style guide and best practices across all subgraphs.

Changelog

Track and document all schema modifications over time. Receive real time updates through webhooks and slack notification to always stay on top of everything.

Compositions

The Cosmo Schema Registry keeps track of all compositions over time. You can view the composition history of your federated graph and see how it evolved over time.

Pull Request based Schema Composition Workflows

Check and publish schemas from your git workflows. With our GitHub integration, receive statuses right in your PR commits.

The router is the component that understands the GraphQL Federation protocol. It is responsible for routing requests to the correct service and for aggregating the responses.

P99 Latency

Cosmo Router
186ms
Apollo Router
1.51s
Apollo Gateway
9.01s

Lower is better

Requests Per Second

Cosmo Router
1167
Apollo Router
143
Apollo Gateway
91

Higher is better

OTEL for Metrics and Tracing

Cosmo router supports exporting tracing and metrics via OpenTelemetry. These can be configured with multiple exporters. Both http and grpc are supported.

Prometheus Metrics

The router offers built-in support for Prometheus. We export the default Go and Process metrics including (R.E.D) metrics related to incoming GraphQL traffic

Subscriptions over WebSockets and Server-Sent Events (SSE)

The Cosmo Router comes with subscription support out of the box without any limitations. We support two different protocols: WebSockets, Server-Sent Events.

Local Composition, Development & running in Air-Gapped environments

The Cosmo Router can be run in a local environment not only for development but also for running in air-gapped environments. There's no need to connect to the internet or a control plane. You can compose a configuration file at build time and run the router in a completely offline environment.

Custom Modules, Middleware & Extensions

The Cosmo Router is built with extensibility in mind. You can write custom modules, middleware and extensions to fit your specific use case. For example, you can write a custom module to modify the request or response, or to add custom metrics, tracing or authorization.

Compliance & Data Privacy

At the heart of Cosmo is the ability to comply with data privacy regulations. As such, the Router comes with default configurations to ensure that no sensitive information of requests is sent to the Control Plane or Analytics.

Compatible with both v1 and v2, all your existing GraphQL services will work out of the box. Any framework, any language.

Schema Composition

Leverage open-source tooling around GraphQL in both JavaScript and Go to compose your federated graphs.

Schema Composition Checks

Easily avoid publishing broken schemas. Validate schema changes for breaking changes and composition errors. Perform checks against real time client traffic.

OSS Router with Authentication & Authorization

The Cosmo Router supports authenticating incoming requests using JWKS authentication. Multiple auth providers is also supported. Authorization directives can be used in your schema to define granular authorization rules on the field definition level.

The Cosmo Router comes with subscription support out of the box without any limitations. We support two different protocols to enable the most versatile data synchronization: WebSockets, Server-Sent Events.
Subscriptions over WebSockets and Server-Sent Events (SSE)
Subscriptions over WebSockets and Server-Sent Events (SSE)

Websockets using Epoll and Kqueue

We support subscriptions over websocket using graphql-ws (GraphQL over WebSocket Protocol compliant server and client) or graphql-transport-ws (Legacy) as well as the absinthe protocol. To ensure the best performance and minimize memory usage, we use epoll on Linux and kqueue on BSD-based systems to handle the connections.

Server-Sent Events

We support subscriptions over Server-Sent Events (SSE) using the GraphQL over Server-Sent Events Protocol protocol.

EDFS combines the power of GraphQL Federation and Event-Driven Architecture (Kafka, NATS, SQS, RabbitMQ, etc.). Build highly scalable and resource-efficient Event-Driven Federated Graphs.
GraphQL Subscriptions backed by Event-Driven Architecture
GraphQL Subscriptions backed by Event-Driven Architecture

Drive Subscriptions with Events

EDFS directly connects the Router to the Event Source. The Router listens to the events and triggers the Subscription resolvers. This eliminates the need for a WebSocket connection to the Subgraphs.

Deduplication of Subscriptions

The Cosmo Router deduplicates Subscriptions internally to save resources. If multiple Subscriptions use the same topic as a trigger, all Subscriptions share the same trigger. The trigger is shut down when all Subscriptions that depend on it are unsubscribed.

Stateless-ness of Subgraphs

With EDFS, the Router connects directly to the Event Source but doesn't require any stateful connections, e.g. WebSocket, to the Subgraphs. This makes the Subgraphs much simpler to reason about and easier to deploy

Efficiency, CPU & Memory Consumption

EDFS is built on top of Event-Driven principles, which means that the implementation is non-blocking, as CPU efficient as possible, and has a very low memory footprint.

Publish Events from any System, not just Subgraphs

EDFS is designed to fully decouple the API Consumer from the implementation of the Event-Driven Architecture.

The Cosmo Router supports authenticating incoming requests using JWKS authentication. Multiple auth providers is also supported.
1
2
3
4
5
6
7
8

JWKS / JWT Auth Support

Cosmo router supports authenticating incoming requests using JWKS authentication.

Field Level Auth Directives

Authorization directives can be used in your schema to define granular authorization rules on the field definition level.

Header forwarding to the Subgraphs

We provide several ways to simplify the work with propagating or orchestrating client data.

Resource-based access control enables allows machines or users to manipulate only specific federated-graphs and sub-graphs.
Add specific members to modify subgraph
Add specific members to modify subgraph

Resource based API Keys

Create an API key restricted to specific resources within your organization. This limits the blast radius of a compromised API key and allows for fine-grained access control.

Subgraph Access & Ownership

Add specific members to Subgraphs. This allows you to control who can modify the subgraph through a 'publish' operation.

Persisted operations, also known as trusted documents or persisted Queries, allow you to register GraphQL Operations in the Router enabling the clients to send just an identifier in their request instead of sending the whole operation body.
Create persisted operations from the CLI or UI
Create persisted operations from the CLI or UI

Compatible with the tooling of your choice

Pushing persisted operations works with the manifest generated by clients like Apollo, Relay or graphql-code-generator. You can also push them directly from the studio playground.

Integrated analytics

Persisted operations work with Cosmo's analytics stack allowing you to filter and search by their client and operations IDs.

Run the Cosmo Router on AWS Lambda and save on infrastructure costs. The Lambda Router is a serverless implementation of the Cosmo Router with full support for federation and analytics. Leverage your existing AWS infrastructure and scale your GraphQL API with ease.
Deploy your serverless router to AWS Lambda
Deploy your serverless router to AWS Lambda

Optimized for AWS Lambda

Fast cold-start times, low memory footprint, and low cost. The Lambda Router is designed to run on AWS Lambda. Metrics and tracing are fully supported.

Low cost & Maintenance

Save on infrastructure costs by running the Cosmo Router on AWS Lambda. Pay only for what you use. AWS comes with a generous free tier.

Analyze

Cosmo provides a powerful set of tools to analyze and monitor your federated graph. We provide advanced request tracing to vizualize the execution plan of your queries and detailed insights into the performance of your federated graph. Cosmo Analytics & Tracing is built on top of OpenTelemetry (OTEL) as well as Prometheus and can be easily integrated with your existing monitoring stack.


Cosmo Router supports exporting tracing and metrics via OpenTelemetry. These can be configured with multiple exporters. Both http and gRPC are supported.
Monitor federated graph and subgraph performance
Monitor federated graph and subgraph performance

Advanced Filters

Filter on several parameters that are stored for each request. You can filter and group by operations, clients, latency, errors and more.

Distributed Tracing

Track the path taken by the request through your federated graph and associated services to ensure consistent performance. In addition to just GraphQL-based tracing, our approach to build on top of OTEL allows you to add spans for any other service in your infrastructure.

GraphQL Operation Metrics

Gain insights into the performance and latency of your GraphQL operations, including the number of requests, the number of errors, and the average latency.

Prometheus Integration

The Router offers built-in support for Prometheus. We export the default Go and Process metrics including (R.E.D) metrics related to incoming GraphQL traffic.

Monitor client interactions with your schema fields. Use insights to guide schema evolution and cater to user needs.
Monitor schema field usage
Monitor schema field usage

Available for all types and fields

Usage tracking is accessible from the schema explorer and the schema check page. It is available for all GraphQL types and fields.

Detailed Analysis

Track usage across clients and operations with custom date range filters. Also indicates which subgraphs accessed the fields.

Track usage of deprecated fields

Track the usage of deprecated fields and types in your schema to ensure that you can safely remove them.

Cosmo router supports exporting tracing and metrics via OpenTelemetry. These can be configured with multiple exporters. Both http and grpc are supported.
Track the path taken by a request
Track the path taken by a request

OTEL-instrumented Router

The Router comes out of the box with OTEL instrumentation. This enables request tracking and detailed analysis for each one.

OTEL-instrumentation of Subgraphs

Extend OpenTelemetry's capabilities to subgraphs within your system.

Support for custom attributes

Tailor your tracing data with custom attributes. Include specific data or exclude some of your choice.

When it comes to debugging and optimizing a GraphQL Query, it's important to have a clear understanding of the execution plan and the performance bottlenecks. With Advanced Request Tracing (ART), you can vizualize the execution plan of your queries including detailed timings and performance metrics.
Dependency tree for data fetches within your graphs
Dependency tree for data fetches within your graphs

Verbose planning information

Obtain information about planning times, execution plan structure, fetch type, subgraph requests, input, output and much more!

GraphQL Playground++

The GraphQL Playground is enhanced with visualizations for Advanced Request Tracing. Both in a a tree graph view and a waterfall view to view execution structure and bottlenecks.

Transparent & Secure

ART requires the user to be signed into Cosmo Studio and uses a request signature to ensure that only authorized users can access the tracing data. Tracing data is only available in memory to the user who requested it. For security and compliance reasons, tracing data is directly exchanged between Router and Browser, and is never exposed or stored in the Control Plane.

Iterate

Once the initial version of your Graph is published, Cosmo helps you to safely iterate on your schema and subgraphs.


Easily avoid publishing broken schemas. Validate schema changes for breaking changes and composition errors. Perform checks against real time client traffic. Lint your schemas for best practices and style guides.
Check all breaking changes in the proposed schema
Check all breaking changes in the proposed schema

Static Analysis

Check for breaking changes and composition errors for your new subgraph schema or check if deleting a subgraph would cause any conflicts.

Real-traffic Analysis

With every check, you can monitor if breaking changes in your updated schema affect clients and operations. This is thanks to field level metrics we record on the schema.

Govern your Schema Quality with Linting

Enforce a certain schema style guide and best practices across all subgraphs.

Check using the CLI

Use the powerful CLI which securely authenticates against your graphs to perform schema checks.

Check during Pull Request Workflow

Check and publish schemas from your git workflows. With our GitHub integration, receive statuses right in your PR commits.

Track and document all schema modification over time. Receive real time updates through webhooks and Slack notification to always stay on top of everything.
Track schema changes to your federated graph
Track schema changes to your federated graph

Changelog

Every change ever made to your federated graph schemas are recorded for you to refer at any time.

Slack Integration

Get notified about schema changes right into your team slack channels with our seamless integration.

Webhooks

You have the full flexibility to perform your own actions on your infra by getting notified through webhooks.

Schema Contracts enable you to build a multi-purpose, multi-audience Graph, which can be split into Subsets for different use cases. This simplifies development and keeps your Graph maintainable.
Creation of schema subsets for 2 clients from the composed schema
Creation of schema subsets for 2 clients from the composed schema

Tailored APIs for specific Consumers

Schema Contracts give you a powerful solution to filter out unnecessary parts of the Schema for some API consumers, giving them a tailored Developer Experience that's geared towards their expectations and not bloated with irrelevant fields.

Improving Security and Data Privacy

Schema Contracts allow you to filter out fields and types that should only be accessible to a specific audience, e.g. admins or internal users.

Check and publish schemas from your git workflows. With our GitHub integration, receive statuses right in your PR commits.
Integrate schema checks within your GitHub workflow
Integrate schema checks within your GitHub workflow

Continuous Integration

Run schema checks on every commit in your pull request and get the status right there to avoid merging breaking schemas.

Continuous Delivery

Publish safe and valid schemas on merging your pull requests to your default branch.

Overriding Commit Check

To mark some breaking changes as safe and allow merging your pull requests you can override the check result.

Comprehensive records detailing every instance of a subgraph publication.
History of all compositions of your federated graph
History of all compositions of your federated graph

Composed schema

Track every version of your composed schema. Copy or download the composed schema.

Composition Inputs and Errors

Track the inputs and errors of every composition.

Changelog

View the changes caused after each composition.

A collaborative schema design workflow for various teams and organizations.
Start discussions from the Schema Explorer or SDL page
Start discussions from the Schema Explorer or SDL page

Collaborate on graphs and subgraphs

Create discussions on both the composed schema and subgraph schema. The discussion is open to everyone in the organization.

Across schema versions

Create discussions across schema versions simultaneously. You can always compare the changes to the latest one.

Two-way binding

Create discussions from the Type Explorer or the SDL page and we infer the correct context and line automatically.

Manage, Govern & Integrate

Manage access to Cosmo using SSO, manage roles and permissions, and monitor activities within your organization.


Cosmo supports OIDC for Single Sign-On. You can configure your OIDC provider and manage your organization members.
Configure your OIDC provider
Configure your OIDC provider

Supported Providers

Cosmo supports all OpenID Connect compliant identity providers such as Auth0, Okta, Keycloak, Azure AD, Google, and many more.

Simplify access control by assigning permissions to roles rather than individuals. Users are then associated with specific roles, and their access rights are determined by the permissions linked to those roles.
Assign organization wide roles to members
Assign organization wide roles to members

Fine-grained access control with Roles and Groups

Leverage group membership and roles in your existing identity provider to manage access to your organization.

Understand the activities conducted by users throughout your entire organization, whether performed directly or via API keys.
Monitor activity within your organization
Monitor activity within your organization

Trusted by small companies and large enterprises

synadia
mryum
tailor
mongodb
oracle
fingent
redventures
tripadvisor
equinix
crypto
onthebeach
EOG Resources
ebay
innio
sap
Saks
khealth
Nerdwallet
monkeyfactory
hightide
pempem
travelpassgroup
soundtrack
cbn
artnet
synadia
mryum
tailor
mongodb
oracle
fingent
redventures
tripadvisor
equinix
crypto
onthebeach
EOG Resources
ebay
innio
sap
Saks
khealth
Nerdwallet
monkeyfactory
hightide
pempem
travelpassgroup
soundtrack
cbn
artnet

LAUNCH NOW

Get started for free in 3 minutes

The convencience of a fully managed service without vendor-lock. No credit card required to get started.

Start building now

Want to learn more?

Get in touch with our experts and we'll discuss your use case and how WunderGraph can help you.