me0wday /
Last active Aug 3, 2021
Blind Graphql Discovery to Altair Schema

Playing with GraphQL when introspection is disabled

Quick write up on extracting a GraphQL schema when introspection is disabled. Bits and pieces sourced from various sources. Successfully tested on an Apollo instance.

TLDR: Some GraphQL instances provide name autocomplete suggestions. Some peeps have written tools to automate the extraction process. (ref

1. Bruteforce schema without introspection

First step is using a tool called clairvoyance by @nikitastupin ( I found the main repo to lack error handling and support for additional features such as proxy.