Image for post
Image for post
From graphql.org

This post is part of a series of best practices and observations we have made while building GraphQL APIs at PayPal.

A year ago, we wrote “GraphQL: A success story for PayPal Checkout” which covers our journey from REST to Batch REST to GraphQL. A lot has changed since then! This post covers everything we learned while scaling out GraphQL at PayPal and will serve as a guide for deploying GraphQL at your company.

A year ago, there were a handful of products using GraphQL. While we had success in PayPal Checkout, there was no infrastructure, tools, training or support…


Image for post
Image for post
From graphql.org

This post is the first part of a series of best practices and observations we have made while building GraphQL APIs at PayPal. In upcoming posts, we’ll share our thoughts on: schema design, error handling, production visibility, optimizing client-side integrations and tooling for teams.

You might have seen our previous post “GraphQL: A success story for PayPal Checkout” about PayPal’s journey from REST to GraphQL. This post dives into details some best practices for building resolvers that are fast, testable and resilient over time.

What’s a resolver?

Let’s start off at the same baseline. What’s a resolver?


Image for post
Image for post
From graphql.org

At PayPal, we recently introduced GraphQL to our technology stack.

If you haven’t heard of GraphQL, it’s a wildly popular alternative to REST APIs that is currently taking the developer world by storm!

At PayPal, GraphQL has been a complete game changer to the way we think about data, fetch data and build applications.

This blog post takes a close look at PayPal Checkout and explains our journey from REST to Bulk REST to GraphQL and lessons learned along the way.


Hey there! You might have stumbled upon this post because you’re interested in securing your JS apps, or maybe you’ve heard about the other things we have open sourced.

Today we’re releasing jwt-csrf, a stateless CSRF solution for securing your JavaScript apps!

It’s something we’ve built and battle tested over the last year while building PayPal Checkout. In addition to talking about jwt-csrf, I’d like to talk about our journey of re-architecting PayPal Checkout and share our learnings and discoveries.

If you’ve checked out with PayPal in the last year or so, woohoo! You know what we work on :)…


Hey there! You might have stumbled upon this post because you’re interested in securing your JS apps, or maybe you’ve heard about the other things we have open sourced.

Today we’re releasing jwt-csrf, a stateless CSRF solution for securing your JavaScript apps!

It’s something we’ve built and battle tested over the last year while building PayPal Checkout. In addition to talking about jwt-csrf, I’d like to talk about our journey of re-architecting PayPal Checkout and share our learnings and discoveries.

If you’ve checked out with PayPal in the last year or so, woohoo! You know what we work on :)…

Mark Stuart

Leads Web Platform @ PayPal. h4ck 7h3 pl4n37

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store