Create API documentation using AI

It'd be great if there was a way to ensure that only requests coming from my reverse proxy are allowed. This could be as simple as a shared secret between the reverse proxy and stellate that is send as a header from the proxy, and used by stellate to verify the request. Having a reverse proxy is useful as it makes it easy to add other on-the-fly security configs like blocking specific IPs and enabling CORS.

Provide a statistics API that allows you to track the number of requests per month grouped by e.g. an Authorization header. This could be used to implement usage based billing for 3rd party services built on top of GraphCDN.

Currently for a user, it's required to signup. However, if you have a public non-profit API, you might not want to require this.

Streaming Response is just the being one of the best ways to deliver data from an API or Server Side Render Web Apps. These is just a way of sending data in chunks without waiting for the whole data to be available before sending it. I see GraphQL Stream & Defer are Experimental, but Think about Implementing It in GraphCDN, once it's stable in GraphQL.

It comes up in our pen testing and I don't see a way to turn it off.

I'd like to monetize my GraphQL API and have Stellate take care of as much as possible in this process. That includes the metrics to know how much a user of my API used the API.

If this sounds true to you, then please upvote: "I want to bring my own authentication system and integrate that with the Stellate GraphQL Developer Portal"

I'd like to be able to define variables to be used in the stellate configuration directly from the dashboard, consuming them as references (e.g.: "secret": {{ stellate.variables.secret }} ) to keep track of what has been set and when, to avoid drifts and prevent having to push the schema at each variable update.

Caching GraphQL at the Edge is Really Awesome, but it would be too costly to allow everyone to send a queries that might have Spamming. One Solution for these problem would be Rate Limiting, but Implementing CORS would be very cool. Also CORS don't prevent from Server Side Query Requests.