We've built APIs in REST, GraphQL, gRPC, and tRPC — sometimes all four in the same organization. The "GraphQL vs REST" debate implies a binary choice, but most production systems use both — plus patterns that didn't exist when either was designed.
A mobile banking client switched from REST to GraphQL. Their mobile app went from 12 API calls per screen to 1, cutting load time by 40%. A SaaS client switched from GraphQL to REST. Their development velocity doubled because they stopped fighting the GraphQL schema for simple CRUD operations.
Both were correct decisions. At Pillai Infotech, we choose based on constraints, not preferences.
An Honest Take on Both
REST is simpler than you think. Well-designed REST APIs with clear resource naming, proper HTTP methods, and consistent response shapes are straightforward to build, test, cache, and understand. The "REST has over-fetching problems" argument assumes badly designed endpoints.
GraphQL is more complex than you think. Query planning, N+1 prevention (DataLoader), authorization per field, schema evolution, caching invalidation, file uploads — these problems don't exist in REST. GraphQL trades simplicity for flexibility. That trade is worth it for some use cases, not all.
Head-to-Head Comparison
| Factor | REST | GraphQL |
|---|---|---|
| Learning curve | Low — HTTP fundamentals | Medium — schema, resolvers, tooling |
| Data fetching | Server decides what's returned | Client decides what's returned |
| Caching | HTTP caching (CDN, browser, proxy) | Requires normalized cache (Apollo, Relay) |
| Versioning | URL versioning (/v1, /v2) | Schema evolution (deprecate fields) |
| Tooling | curl, Postman, any HTTP client | GraphiQL, Apollo Studio, codegen |
| Error handling | HTTP status codes (clear) | Always 200, errors in body (confusing) |
| File uploads | Native (multipart/form-data) | Requires workaround |
| Real-time | WebSockets, SSE | Subscriptions (built-in) |
When REST Is the Right Choice
1. Public APIs
External developers know HTTP. They have curl. They don't want to learn your query language. REST with OpenAPI documentation is the universal standard for public APIs.
2. Simple CRUD Applications
If your API is primarily create/read/update/delete on resources, REST maps perfectly — POST, GET, PUT, DELETE on /resources/{id}. GraphQL adds complexity without benefit.
3. CDN/Cache-Heavy Applications
REST GET requests are cacheable by URL. CDNs, reverse proxies, and browsers cache them automatically. GraphQL's POST-based queries require custom caching strategies. If performance depends on edge caching, REST wins.
4. Microservices Communication
For service-to-service calls, REST (or gRPC for internal) is simpler than GraphQL. Each service exposes a clear contract. Microservices don't benefit from GraphQL's client-driven flexibility.
When GraphQL Is the Right Choice
1. Multiple Frontend Clients
Mobile app needs 5 fields. Web app needs 20. Admin panel needs 50. With REST, you build 3 endpoint variants or send everything always. With GraphQL, each client queries exactly what it needs.
2. Complex Data Relationships
When a single view needs data from multiple resources — a user's profile, their orders, their recommendations, and their notification settings — GraphQL resolves the entire graph in one request instead of 4 REST calls.
3. Rapidly Evolving Frontends
When the frontend team iterates fast and needs different data shapes weekly, GraphQL's client-driven queries mean no backend changes for new frontend views. The schema stays stable while queries change.
4. Schema-as-Documentation
GraphQL schemas are self-documenting and introspectable. Tooling like GraphiQL provides instant API exploration. For large APIs with many types, the typed schema is more useful than Swagger docs.
tRPC: The Third Option Most Teams Should Consider
For full-stack TypeScript applications (Next.js, Nuxt, SvelteKit), tRPC eliminates the API layer entirely. Types flow from server to client without schemas, code generation, or API documentation.
// Server: define procedures
import { router, procedure } from './trpc';
import { z } from 'zod';
export const appRouter = router({
users: {
list: procedure
.input(z.object({ page: z.number().default(1) }))
.query(async ({ input }) => {
return db.user.findMany({ skip: (input.page - 1) * 20, take: 20 });
}),
create: procedure
.input(z.object({ name: z.string(), email: z.string().email() }))
.mutation(async ({ input }) => {
return db.user.create({ data: input });
}),
}
});
// Client: full type inference, zero API layer
const users = await trpc.users.list.query({ page: 2 });
// users is typed: User[] — inferred from server return type
// Change the server, TypeScript errors appear in the client instantlyWhen to use tRPC: Full-stack TypeScript apps where the same team owns frontend and backend. It's faster to develop than REST (no API routes, no request/response types) and simpler than GraphQL (no schema, no resolvers, no codegen).
When NOT to use tRPC: Public APIs (not HTTP-based by default), multi-language backends (TypeScript only), or when frontend and backend are different teams/organizations.
Performance Considerations
The N+1 Problem
GraphQL's biggest performance pitfall. A query for users with their orders naively makes 1 query for users + N queries for orders. Solution: DataLoader (batch and cache database queries per request). Without it, GraphQL APIs are slower than equivalent REST endpoints.
Query Complexity
Malicious or poorly written GraphQL queries can request deeply nested data, consuming excessive server resources. Protection: query depth limiting, query cost analysis, and persisted queries (only allow pre-approved queries in production).
Caching Strategies
| Layer | REST | GraphQL |
|---|---|---|
| CDN | Automatic by URL | Manual (persisted queries + GET) |
| Server | Response cache by route | DataLoader + response cache |
| Client | SWR / React Query by URL | Normalized cache (Apollo/Relay) |
Real-World Patterns We Use
Pattern 1: REST External + GraphQL Internal
Public API in REST (standard, cacheable, documented with OpenAPI). Internal BFF (Backend for Frontend) in GraphQL to aggregate data for mobile and web clients. This is our most common pattern for client projects.
Pattern 2: REST + tRPC Hybrid
REST for webhooks, file uploads, and third-party integrations. tRPC for all frontend-to-backend communication. Best of both: type-safe development AND standard HTTP where needed.
Pattern 3: GraphQL Federation
For large organizations with multiple backend teams, Apollo Federation composes multiple GraphQL schemas into one. Each team owns their subgraph; the gateway stitches them together. Complex but powerful for 50+ developer organizations.
For more on API architecture in distributed systems, see our microservices guide.
Frequently Asked Questions
Is GraphQL replacing REST?
No. Both serve different needs. GraphQL adoption is growing for frontend-heavy applications, but REST remains the standard for public APIs, microservices, and simple CRUD. The industry is moving toward "right tool for the use case" rather than one-size-fits-all.
Is GraphQL slower than REST?
Out of the box, GraphQL can be slower due to resolver overhead and the N+1 problem. With DataLoader and proper optimization, performance is comparable. REST has the caching advantage — HTTP caching is free and effective. GraphQL requires more work to cache effectively.
Should I use gRPC instead of both?
gRPC is excellent for service-to-service communication — type-safe (Protobuf), fast (HTTP/2), streaming. It's not great for browser clients (requires a proxy like grpc-web). Use gRPC between services, REST or GraphQL for client-facing APIs.
What about OpenAPI / Swagger?
OpenAPI is REST's answer to GraphQL's type safety. With tools like openapi-typescript, you generate TypeScript types from your OpenAPI spec. Combined with server-side validation (Zod), you get end-to-end type safety — without GraphQL's complexity.
How do I choose for a new project?
Same-team full-stack TypeScript → tRPC. Multiple frontend clients with different data needs → GraphQL. Public API or simple CRUD → REST. Microservices internal → gRPC. This covers 90% of use cases.
Can I use GraphQL with a REST backend?
Yes — this is actually common. A GraphQL server acts as a BFF layer, calling REST APIs underneath. Apollo RESTDataSource makes this straightforward. The frontend gets GraphQL's flexibility while the backend keeps REST's simplicity.