Validation

GraphQL servers validate requests against the schema. They usually validate all requests before the execution step; however, the server can skip validation if:

• it recognizes that an identical request has been previously validated, or
• the requests were validated during development.

One example of a validation error is selecting a field that doesn't exist. If we send this query:

query {
  user(id: "abc") {
    nonExistent
  }
}

the server’s validation step will fail, so it won’t execute the query. Instead, it will respond with:

{
  "errors": [
    {
      "message": "Cannot query field \"nonExistent\" on type \"User\".",
      "locations": [
        {
          "line": 3,
          "column": 5
        }
      ]
    }
  ]
}

There are many possible ways in which a request might not be valid. Frontend developers will run into them while developing their queries, and most servers will return a clear, specific error message like the above. Most backend developers use a GraphQL server library that takes care of validation for them, but for those creating their own server library, the spec has algorithms for checking each piece of validation:

• 5.1: Documents
• 5.2: Operations
• 5.3: Fields
• 5.4: Arguments
• 5.5: Fragments
• 5.6: Values
• 5.7: Directives
• 5.8: Variables