Reqflow
← All concepts
Communication·3 min read

REST vs gRPC vs GraphQL

Three API styles: REST is the universal default, gRPC is fast binary RPC for service-to-service, GraphQL lets clients ask for exactly the data they want.

Try it

Pick a scenario below and see which option fits, and why.

REST
simple, cacheable, ubiquitous
gRPC
fast binary, streaming
GraphQL
client picks the fields
Scenarios

There is no universal winner here, only the right fit for a given situation. Each scenario above pushes the decision a different way, which is exactly how this tradeoff shows up in real design questions.

First time reading this? Start here

Plain English: REST is the standard 'GET this URL' API everyone knows. gRPC is a faster, binary protocol for servers talking to each other internally. GraphQL lets the client say 'give me exactly these fields' in one request instead of calling five endpoints. Each fits a different job.

What it is

Three approaches to API design. REST uses HTTP verbs and resource URLs with JSON: simple, cacheable, universally supported. gRPC is a binary RPC framework over HTTP/2 using Protocol Buffers: strongly typed, fast, with streaming. GraphQL is a query language where the client specifies exactly which fields it needs from a typed schema, fetched through a single endpoint.

The problem it solves

Different API consumers have different needs. REST is the right default for public APIs and CRUD, since it's cacheable and every tool understands it. gRPC solves the overhead of JSON-over-HTTP/1.1 for chatty internal service-to-service calls. GraphQL solves over-fetching and under-fetching for clients (especially mobile) that would otherwise make many round-trips to assemble one screen.

How it works

REST: client hits resource URLs (GET /users/1) with HTTP verbs; responses are JSON; HTTP caching and status codes do real work. gRPC: define services and messages in a .proto file, codegen typed client/server stubs; calls are binary over HTTP/2 with multiplexing and bidirectional streaming. GraphQL: define a typed schema; clients send a query naming exactly the fields they want; a resolver layer fetches and assembles the response in a single round-trip.

Why use it

  • REST: universal tooling, HTTP caching, dead simple, great for public APIs
  • gRPC: compact binary payloads, HTTP/2 multiplexing, native streaming, contract-first typing, making it ideal internal RPC
  • GraphQL: one request fetches exactly what the client needs across many resources, killing over/under-fetching for mobile

What it costs you

  • gRPC: not browser-native (needs grpc-web + a proxy), binary payloads are hard to debug by eye, HTTP caching is gone
  • GraphQL: server complexity (resolvers, N+1 query risk), caching is hard, a single malicious query can be very expensive
  • REST: over-fetching/under-fetching and chatty round-trips for complex UIs; no schema unless you bolt on OpenAPI

Where it shows up in our architectures

  • Netflix

    REST/HTTP for client control-plane APIs through Zuul; gRPC-style binary RPC between internal microservices where latency matters

  • Twitter Home Timeline

    A GraphQL-style aggregation layer is a natural fit for assembling a timeline (tweets + authors + media + counts) in one round-trip for mobile

  • Uber

    Internal services use gRPC for low-latency, strongly-typed dispatch and geo calls; client apps talk REST/HTTP to the edge

Gotchas

  • Default to REST for public and external APIs, since it's cacheable and every client speaks it. Reach for gRPC inside your fleet where you control both ends and want speed + typing.
  • GraphQL's N+1 problem is brutal: a naive resolver fires one DB query per item in a list. You need DataLoader-style batching from day one.
  • gRPC isn't browser-friendly. Browsers can't speak raw gRPC, so you need grpc-web and a translating proxy (Envoy), which erodes some of the appeal.
  • GraphQL moves complexity to the server and makes caching and rate-limiting harder: a single deeply-nested query can cost more than a hundred REST calls. Enforce query depth/cost limits.
Interview angle

REST vs gRPC vs GraphQL questions test whether you pick the right tool for the right audience. The answer the interviewer wants is: REST for public APIs because of caching and universal tooling, gRPC for internal service-to-service because of speed and strong typing, GraphQL for mobile clients that need flexible data fetching in one round-trip. Candidates lose points by picking GraphQL for everything or by calling gRPC a 'newer REST' without explaining what the binary protocol actually buys you.

Your notes

Private to you