The Data API Gateway: Performance & Security by Design

The Data API Gateway is one of the most powerful components of the Simple Platform. It is the single, secure entry point for all data interactions, exposing a unified GraphQL API for your entire data model. It completely abstracts away the complexity of the underlying database, providing a developer experience that is unparalleled in the enterprise space.

The On-the-Fly GraphQL-to-SQL Compiler

At the heart of the Data API Gateway is our proprietary, on-the-fly compiler. When a GraphQL query arrives, it is not interpreted by a slow, generic resolver. Instead, it is compiled directly into a single, highly-optimized SQL query. This compiled approach provides three immense advantages.

1. Radical Developer Productivity

Developers work with a modern, type-safe, and self-documenting GraphQL API. There is zero need to write data access code, manage database connections, or wrestle with a complex ORM. The platform handles the entire data access layer, allowing developers to focus purely on building business value.

2. Uncompromising Security by Design

Because developers interact with the database exclusively through the GraphQL API, a major class of security vulnerabilities is eliminated by design.

• Architecturally Immune to SQL Injection: Developers never write SQL strings. All queries are built from a structured Abstract Syntax Tree (AST), and all values are sent as parameterized queries. It is architecturally impossible for a malicious actor to inject arbitrary SQL.
• Centralized Access Control: Permissions and policies are enforced at the gateway level, ensuring that no query can access data it isn't authorized to see.

3. Performance That Legacy Platforms Can't Match

The Data API Gateway is not just a convenience layer; it is a high-throughput engine built for enterprise scale, with its most performance-critical components written in Rust to achieve bare-metal speed.

Performance by the Numbers

• Sub-Millisecond Compilation: The entire GraphQL-to-SQL compilation process averages less than 1 millisecond.
• Lightning-Fast Roundtrips: An average API roundtrip — from receiving the GraphQL query to returning JSON data from the database — completes in just 3 to 5 milliseconds.
• Massive Throughput: The gateway is architected to handle enterprise workloads of 100,000+ queries per second (QPS).

The Competitors' Compromise: Governor Limits & The N+1 Problem

Legacy platforms like Salesforce and ServiceNow are infamous for their restrictive "governor limits" and poor data query performance. Their interpretive, ORM-like data access layers (SOQL, GlideRecord) are slow and inefficient, often leading to the dreaded "N+1 query problem." A simple request to fetch 100 records and their related parents can result in 101 separate, slow database roundtrips, forcing developers to write complex, non-intuitive code to batch their requests manually.

The Simple Advantage: Architectural Elimination of N+1

Simple's GraphQL-to-SQL compiler eliminates the N+1 problem at an architectural level. It intelligently understands the relationships in your data model and compiles even deeply nested GraphQL queries into a single, efficient SQL statement using advanced techniques like LATERAL JOINs.

• A request for 100 posts and their 10 authors results in 1 SQL query, not 101.
• Efficient, precise joins are generated automatically.
• The generated SQL is optimized for the database's query planner.

There are no governor limits to worry about because the system is designed from the ground up for performance. You can query your data in the way that makes sense for your application, and trust that the platform will execute it in the most optimal way possible.

Automated Real-Time Search Indexing

In addition to data access, the Data API Gateway provides powerful search capabilities out-of-the-box.

• Real-time Indexing: As data is written to your tenant database, change events are automatically published to the platform's event bus. A dedicated service consumes these events and pushes the data into a tenant-isolated Typesense search index.
• Blazing-Fast Search: This provides typo-tolerant, full-text search across all your data — including the content of JSON fields — accessible directly through the GraphQL API without any additional configuration.

Next Step

With a solid understanding of how the platform manages data, let's explore how you can extend it with your own custom business logic.

→ The Logic Runtime