
WG Day:

Fremont, California

Huang Minghe

Privacy-First Federation: Building Compliance into GraphQL at Scale

Grand Ballroom II - IV
Security

Session description

Privacy compliance is the next frontier for GraphQL federation. GDPR, CCPA, and emerging regulations require that data access is tied to explicit user consent for specific processing purposes—but GraphQL federation makes this incredibly challenging. A single query can traverse dozens of entities across multiple subgraphs, each with different privacy requirements. At Booking.com, we solved this for 200+ federated subgraphs serving 200,000 RPS. This talk shares our production-tested architecture using a "Purpose Token" model where every data access declares its legal basis.

What You'll Learn:

• Why privacy ≠ authentication/authorization (and why this matters for GraphQL)
• Where to enforce privacy checks: edge vs. router vs. subgraph layer tradeoffs
• Purpose Token model: Tying data access to consent-based processing purposes
• Integration patterns with consent systems
• Complete audit logging for regulatory compliance

Real Architecture from Production: This is a blueprint for privacy-by-design in federated GraphQL—with code, metrics, and lessons from a 2026 production rollout. Leave with actionable patterns you can implement immediately.


Session speakers

Huang Minghe

Booking.com, Senior Software Engineer

Minghe is a Senior Engineer at Booking.com with over 15 years of industry experience spanning DevOps, web, and mobile development. Recently, he has been maintaining the GraphQL federation platform at Booking.com, focusing on efficiently managing large-scale schemas and federating high-traffic systems.
