Skip to main content
use-apify.com

GraphQL: guides & tutorials

Consume GraphQL APIs and merge them with scraped fields when REST is awkward. Apify can supply missing attributes your headless CMS or gateway omits.

2 articles

View all tags

GraphQL APIs let you request exactly the fields you need, and many sites expose one behind the scenes. These guides cover consuming GraphQL endpoints and merging them with scraped fields when REST is awkward.

Targeting a GraphQL endpoint is often cleaner than parsing rendered HTML. Apify can supply attributes a gateway or headless CMS omits. Below you will find patterns for combining GraphQL with scraping.

Related topics

API8 min read

Complete Guide to Web Scraping APIs: REST, GraphQL, and Headless Browsers (2026)

· 8 min read
Yassine El Haddad
Software Developer & Automation Specialist

Web scraping APIs fall into three categories: public APIs (official, stable, no scraping needed), unofficial or reverse-engineered APIs (hidden endpoints used by the frontend), and scraping APIs (services like Apify, Bright Data, Firecrawl that handle scraping for you). This guide covers finding hidden APIs, REST and GraphQL scraping patterns, authentication, rate limiting, pagination—and when to use a scraping API service instead of building your own. Try Apify API · Firecrawl API

Automation5 min read

Reverse-Engineering Internal APIs for Data Extraction (2026)

· 5 min read
Yassine El Haddad
Software Developer & Automation Specialist

Parsing heavy, asynchronous React or Vue DOMs using standard HTML parsers (BeautifulSoup/Cheerio) is inherently fragile. UI engineers frequently refactor className hashes or alter structural <div> hierarchies, permanently breaking downstream text-extraction pipelines.

However, modern Single Page Applications (SPAs) are merely visual shells. The actual semantic data is transmitted asynchronously via backend XHR/Fetch endpoints. By directly intercepting and reverse-engineering these internal JSON/GraphQL API requests, data engineers can completely bypass the browser rendering engine, achieving sub-millisecond execution times and absolute structural guarantees.

This engineering guide documents the network forensic techniques required to locate, authorize, and extract data directly from undocumented enterprise APIs.

Guides on this site

Frequently asked questions

Frequently Asked Questions

Identify the GraphQL endpoint via DevTools (usually /graphql or /api/graphql), copy the query from the network tab, and replay it with curl or a Python requests call. Include all required headers including Authorization tokens. GraphQL often exposes more data than displayed on the page—explore the schema with introspection queries if permitted.

Browser DevTools Network tab filtered to XHR/Fetch shows all GraphQL operations. GraphQL Voyager visualizes schemas from introspection. Altair and Insomnia let you test queries interactively. Once you have a working query, implement it in Crawlee or Apify actors as a plain HTTP POST request without needing a browser.

Public GraphQL APIs allow unauthenticated queries; authenticated ones return 401 or empty data. If the site loads data after login, capture the auth token from the browser session and include it in request headers. Tokens often expire so implement refresh logic. Avoid storing long-lived tokens in plaintext in actor configurations.

GraphQL returns exact structured JSON without HTML parsing, handles pagination cleanly via cursor or offset arguments, and is far more stable than CSS selectors that break with redesigns. When a site's data loads from a GraphQL API, targeting the API directly reduces maintenance burden and extraction errors significantly.