GraphQL Where Clause: Filtering, Operators & Performance Tips

Q: What filter operators are available in GraphQL where clauses?

Standard operators include equality (eq, ne), comparison (gt, gte, lt, lte), collection (in, notIn), string matching (contains, startsWith, endsWith), and existence checks (isNull, isNotNull). Which operators are available depends on your platform: Hasura and Prisma generate them automatically from your schema, while Apollo Server requires you to define them manually in your input types.

Q: How do you combine multiple filter conditions in a GraphQL query?

Sibling fields inside a where object are implicitly ANDed — all conditions must match. For mixed AND/OR logic, use explicit AND, OR, and NOT fields on your input type: { OR: [{ status: { eq: "active" } }, { role: { eq: "admin" } }] } returns records that are either active or admin. Deep nesting is valid but test the performance impact — each OR branch can trigger a separate index scan.

Q: How do you implement custom filter logic in a GraphQL resolver?

In the resolver, extract the where argument and map each filter condition to your database query layer. With Prisma, you can pass the where object directly to findMany() since Prisma's generated types match the GraphQL input shape. With a raw ORM, iterate over the filter fields and build the query programmatically. Always validate and sanitize inputs before constructing dynamic queries to prevent injection attacks, and push all filtering to the database — never filter in-memory after fetching all rows.

A graphql where clause is the filtering mechanism used in GraphQL APIs to retrieve specific subsets of data based on conditions you define. Unlike SQL, GraphQL has no native WHERE keyword — filtering is implemented through arguments passed into a query field, which the server-side resolver then maps to your database. Platforms like Hasura auto-generate these filters from your schema; Apollo Server and Prisma require manual resolver work but give you full control. The result: clients get exactly the data they ask for, nothing more.

Key Benefits at a Glance

Precise Data Fetching: Request only records that match your criteria — reduces payload size and speeds up rendering on slow connections.
Improved Performance: Filtering at the database level (with proper indexes) is orders of magnitude faster than client-side filtering of a full dataset.
Flexible Filtering: Combine equality checks, range operators, full-text search, AND/OR logic, and relationship traversal in a single query argument.
Cleaner Frontend Code: Move filtering logic to the server — your frontend components become simpler and easier to test.
Schema-enforced Type Safety: Filter input types are validated at schema level, so invalid filter combinations are caught before they hit your resolver.

Table of Contents

Understanding GraphQL Where Clauses

A GraphQL where clause is a query argument — typically named where — that accepts an input object describing which records to include in the response. Because this filtering lives in the GraphQL schema, it is type-checked automatically: if you pass a String where the schema expects an Int, the server rejects the query before it ever touches your database. This makes where clauses safer and more self-documenting than REST query parameters.

GraphQL Filtering vs SQL WHERE Clauses

Both mechanisms narrow result sets based on conditions, but they operate at different layers of the stack. SQL runs inside the database engine, which has direct access to query planners and indexes. GraphQL filtering happens in the application layer through resolver functions — meaning performance is entirely in your hands as the implementer.

Aspect	SQL WHERE	GraphQL Filtering
Syntax	WHERE column = value	{ where: { field: { eq: value } } }
Type Safety	Runtime validation	Schema-enforced types
Nested Filtering	Complex JOINs required	Natural graph traversal
Client Control	Fixed server queries	Client-specified filters
Performance	Database-optimized	Resolver-dependent

The key practical difference: with SQL you write one query per endpoint; with GraphQL a single resolver can handle unlimited filter combinations defined by the client. This flexibility is powerful — but it means you must implement query complexity limits to prevent expensive ad-hoc queries in production.

The where Parameter

The where parameter is the de-facto standard across all major GraphQL platforms. It accepts an input object whose fields map to your schema types, and whose values are operator objects (eq, contains, gte, etc.). Here is the minimal working form:

query {
  users(where: { status: { eq: "active" } }) {
    id
    name
    email
  }
}

Hasura auto-generates where arguments for every table in your database. Apollo Server requires you to define the where argument in your schema and handle it manually in the resolver. Prisma generates typed WhereInput objects and provides a query builder that maps directly to the filter structure.

“The where argument is applied on a specific field and it filters the results based on that field’s value. For example, you can use the where argument to fetch all the private todos.”
— Hasura, 2024 Source link

Filter Structure and Syntax

Every GraphQL filter is built from three components: the field you want to test, the operator describing the comparison type, and the value to compare against. These nest together in an input object defined in your schema.

Filter arguments follow a consistent nested object structure
Each filter condition contains field, operator, and value components
Schema definitions determine which filter options are available
Type safety is enforced at both schema and runtime levels

input UserWhereInput {
  id: IntFilter
  name: StringFilter
  email: StringFilter
  createdAt: DateTimeFilter
  posts: PostListRelationFilter
}

input StringFilter {
  equals: String
  contains: String
  startsWith: String
  endsWith: String
  not: String
}

Keeping filter input types separate from your main types (e.g. StringFilter instead of inlining operators) lets you reuse them across multiple query fields and keeps your schema clean as it grows.

The filter syntax supports multiple value filters using IN/NOT IN operators, allowing concise expression of disjunctive conditions in a single argument.

Filter Condition Structure

A filter condition reads: “give me records where this field, compared using this operator, matches this value.” You can combine multiple field conditions in one where object — by default they are implicitly ANDed together:

{
  products(where: {
    price: { gte: 100, lte: 500 }
    category: { name: { contains: "electronics" } }
    inStock: { equals: true }
  }) {
    id
    name
    price
  }
}

Design tip: favor conditions that map to indexed database columns. A price: { gte: 100 } filter on an indexed column executes in milliseconds; a description: { contains: "fast" } on an unindexed text column will do a full-table scan.

Basic Filtering Operations

These operators form the foundation of any filtering implementation. Master these before reaching for complex AND/OR combinations.

Equality: eq, ne (not equal)
Comparison: gt, gte, lt, lte
String matching: contains, startsWith, endsWith
Existence: isNull, isNotNull
Collection: in, notIn

Equality checks (eq) offer the best performance because they are index-friendly and the query planner can use B-tree indexes directly. Range operators (gte/lte) also benefit from B-tree indexes and are the standard approach for date and numeric filtering. Use in instead of multiple OR blocks when filtering against a known list of values — it produces cleaner SQL and is easier for the query planner to optimize.

query {
  orders(where: {
    total: { gte: 100 }
    createdAt: { gte: "2024-01-01", lte: "2024-12-31" }
    status: { in: ["pending", "processing"] }
  }) {
    id
    total
    status
    createdAt
  }
}

Filter Operators Table

Not every operator works with every data type. This table shows which combinations are valid across standard GraphQL implementations:

Operator	String	Number	Date	Boolean	Enum
eq	✓	✓	✓	✓	✓
ne	✓	✓	✓	✓	✓
gt/gte/lt/lte	✓	✓	✓	✗	✗
contains	✓	✗	✗	✗	✗
startsWith/endsWith	✓	✗	✗	✗	✗
in/notIn	✓	✓	✓	✓	✓
isNull/isNotNull	✓	✓	✓	✓	✓

String operators are the richest set — they cover everything from exact matches to prefix/suffix patterns. Booleans and enums are intentionally limited: they only support equality and collection operators, which is all that makes sense semantically for categorical values.

Implementing Where Clauses in Your GraphQL API

The implementation strategy depends on your tech stack. Hasura gives you filtering out of the box — just connect a database and the where argument is generated automatically. Prisma generates typed WhereInput objects from your schema file and provides a query builder. Apollo Server with a raw ORM gives you maximum flexibility but requires writing the filter-to-query translation yourself.

Design filters based on actual query patterns, not theoretical completeness
Consider performance implications when exposing complex filter combinations
Use input types to ensure consistent filter structure across your API
Implement proper validation to prevent malicious or expensive queries

type Query {
  users(where: UserWhereInput, orderBy: UserOrderByInput, take: Int, skip: Int): [User!]!
}

input UserWhereInput {
  AND: [UserWhereInput!]
  OR: [UserWhereInput!]
  NOT: UserWhereInput
  id: IntFilter
  email: StringFilter
  name: StringFilter
  posts: PostListRelationFilter
}

Backend Implementation Strategies

Translating GraphQL filter arguments into efficient database queries is the hardest part of the implementation. The resolver receives the raw where object and must map it to a SQL WHERE clause, a Prisma query, or a MongoDB aggregation pipeline — depending on your stack.

Here is a Prisma-based Apollo Server resolver that handles the most common patterns safely:

// Apollo Server + Prisma resolver example
const resolvers = {
  Query: {
    users: async (_parent, { where, orderBy, take, skip }, { prisma }) => {
      return prisma.user.findMany({
        where,      // Prisma accepts the GraphQL WhereInput directly
        orderBy,
        take,
        skip,
      });
    },
  },
};

With a raw SQL ORM (Sequelize, TypeORM), you need to map each filter field manually. The risk here is forgetting to validate inputs — always sanitize filter values before building dynamic queries to prevent injection attacks. Prisma’s generated types handle this for you at compile time.

Performance rule of thumb: never fetch all rows and filter in application code. Always push the where condition down to the database. Even a simple in-memory filter on 100,000 rows will be noticeably slower than a indexed database query returning 10 rows.

How to Make a Filter

Follow this sequence when adding filtering to an existing GraphQL API:

Define filter input types in your GraphQL schema
Add the where parameter to your query field definitions
Implement filter logic in your resolver functions
Test filters using GraphiQL or your preferred GraphQL client
Run EXPLAIN on your database queries to confirm index usage
Optimize or add indexes based on actual filter usage patterns

# Schema definition
type User {
  id: ID!
  name: String!
  email: String!
  posts: [Post!]!
}

input UserWhereInput {
  id: IDFilter
  name: StringFilter
  email: StringFilter
  posts: PostListRelationFilter
}

type Query {
  users(where: UserWhereInput): [User!]!
}

Start with the fields you know will be queried most often — usually status, date ranges, and a primary identifier. Adding more filter fields later is easy; removing them breaks existing clients.

Advanced Filtering Techniques

Once basic filtering is in place, you can layer in logical operators and relationship-based conditions. These are the features that make GraphQL filtering genuinely more expressive than a fixed REST endpoint.

AND conditions: All specified conditions must be true
OR conditions: At least one specified condition must be true
NOT conditions: Inverts the result of nested conditions
Nested combinations: Mix AND/OR/NOT for complex business logic

“By limiting the data to only what you need, this is the most basic form of filtering in GraphQL. You can also add the filter keyword to your query to limit the values returned based on the given parameters.”
— Tabnine, 2024 Source link

query {
  users(where: {
    AND: [
      { posts: { some: { published: { equals: true } } } }
      { email: { contains: "@company.com" } }
    ]
    NOT: { status: { equals: "inactive" } }
  }) {
    id
    name
    email
    posts(where: { published: { equals: true } }) {
      title
      publishedAt
    }
  }
}

Combining Multiple Conditions

The most readable pattern for complex logic is explicit AND/OR/NOT fields on your input type. Sibling fields in a where object are implicitly ANDed — you only need the explicit AND wrapper when mixing AND and OR at the same level.

query {
  products(where: {
    OR: [
      { 
        AND: [
          { price: { lte: 100 } }
          { category: { name: { equals: "books" } } }
        ]
      }
      {
        AND: [
          { price: { lte: 50 } }
          { category: { name: { equals: "electronics" } } }
        ]
      }
    ]
  }) {
    id
    name
    price
    category { name }
  }
}

Watch out for deeply nested OR logic in production: each OR branch typically generates a separate database index scan, and a query with five OR branches on a large table can be slower than five separate queries. Profile before you ship.

Filtering on Relationships

Relationship filtering is where GraphQL outshines REST. You can filter parent records based on properties of their children — without a second request or a manual JOIN.

query {
  authors(where: {
    books: {
      some: {
        AND: [
          { publishedAt: { gte: "2024-01-01" } }
          { reviews: { some: { rating: { gte: 4 } } } }
        ]
      }
    }
  }) {
    name
    books(where: { publishedAt: { gte: "2024-01-01" } }) {
      title
      publishedAt
      reviews { rating }
    }
  }
}

The N+1 query problem is the main trap here. If your relationship resolver fires a separate database query for each parent record, filtering 500 authors triggers 500 additional queries. Use DataLoader (for Apollo) or Prisma’s relation filters (which compile to a single JOIN) to avoid this.

For related objects, use nested field filtering to apply constraints on properties of connected types without flattening the schema.

Filtering by Data Types

Each data type calls for a different filtering approach. Here is what you need to know for the four most common types.

String Filtering Techniques

String operators are the most versatile — and the most performance-sensitive. startsWith can use a standard B-tree index. contains (substring match) cannot — it forces a full scan unless you use a full-text index (PostgreSQL pg_trgm, MySQL FULLTEXT, or a dedicated search engine like Elasticsearch).

Operator	Description	Example	Case Sensitive
eq	Exact match	name: {eq: “John”}	Yes
contains	Substring match	name: {contains: “oh”}	Yes
startsWith	Prefix match	name: {startsWith: “Jo”}	Yes
endsWith	Suffix match	name: {endsWith: “hn”}	Yes
regex	Pattern match	name: {regex: “^J.*n$”}	Configurable

Case-insensitive variants (containsInsensitive, mode: "insensitive" in Prisma) are convenient but slower — they prevent index usage on most databases unless you create a functional index on the lowercased column. Avoid exposing free-form regex in public APIs without complexity limits; a catastrophic backtracking regex can lock a database thread.

query {
  users(where: {
    OR: [
      { firstName: { startsWith: "John" } }
      { lastName: { contains: "Smith" } }
      { email: { endsWith: "@company.com" } }
    ]
  }) {
    id
    firstName
    lastName
    email
  }
}

Date and DateTime Filters

Always store and filter datetimes in UTC. Convert to the user’s local timezone only at the presentation layer. This eliminates daylight saving time edge cases and makes date range queries deterministic.

Always specify timezone when filtering datetime fields
Use ISO 8601 format (2024-01-01T00:00:00Z) for consistent parsing
Account for daylight saving time boundaries in date range queries
Index datetime fields that appear frequently in where clauses

query {
  events(where: {
    startDate: { 
      gte: "2024-01-01T00:00:00Z" 
      lte: "2024-12-31T23:59:59Z" 
    }
    createdAt: { gte: "2024-06-01T00:00:00Z" }
  }) {
    id
    title
    startDate
    endDate
  }
}

Numeric and Boolean Filters

Numeric range filters (gte/lte) are excellent candidates for composite indexes when combined with other frequently used fields — for example, (status, price) if you routinely filter by both. For financial data, use a Decimal scalar rather than Float to avoid floating-point precision issues in comparisons.

query {
  products(where: {
    price: { gte: 10.00, lte: 100.00 }
    inStock: { equals: true }
    rating: { gte: 4.0 }
    isActive: { equals: true }
  }) {
    id
    name
    price
    inStock
    rating
  }
}

Boolean filters only need equals. They are most useful for status flags (isActive, isVerified) — and a partial index on WHERE isActive = true is a quick win if most queries target only active records.

Enumeration Filters

Enum filters provide compile-time guarantees that no invalid status string can sneak through. Define the enum in your schema and generate the filter input from it — this keeps the two in sync automatically.

enum UserStatus {
  ACTIVE
  INACTIVE
  PENDING
  SUSPENDED
}

input UserWhereInput {
  status: UserStatusFilter
}

input UserStatusFilter {
  equals: UserStatus
  in: [UserStatus!]
  notIn: [UserStatus!]
}

The in operator is the workhorse for enum filtering — it maps to a SQL IN (...) clause and is index-friendly. Use notIn sparingly on high-cardinality enums, since excluding many values is often less efficient than specifying the few you want to include.

Optimizing Where Clause Performance

Performance problems with GraphQL filtering almost always fall into one of three categories: missing indexes, N+1 queries, or unbounded query complexity. Fix these three and your filtering will scale.

Run EXPLAIN ANALYZE on generated SQL to confirm index usage
Use DataLoader or batching to eliminate N+1 in relationship filters
Implement query depth and complexity limits before going to production
Cache the results of expensive, rarely-changing filtered queries at the resolver level

// Query complexity analysis with Apollo Server
const depthLimit = require('graphql-depth-limit');
const { createComplexityLimitRule } = require('graphql-validation-complexity');

const server = new ApolloServer({
  typeDefs,
  resolvers,
  validationRules: [
    depthLimit(10),
    createComplexityLimitRule(1000, {
      scalarCost: 1,
      objectCost: 2,
      listFactor: 10,
    }),
  ],
});

Common Performance Pitfalls

These are the mistakes that cause filtering to break at scale. All of them are avoidable with upfront design.

DO: Add database indexes for fields you expose as filter arguments
DON’T: Allow unrestricted regex patterns in public-facing APIs
DO: Implement query depth and complexity limits on your GraphQL server
DON’T: Fetch all rows in a resolver and filter with Array.filter()
DO: Use DataLoader to batch relationship queries and eliminate N+1
DON’T: Ignore slow query logs — set an alert for queries over 200 ms

The N+1 problem is the most common production incident with GraphQL filtering. It happens when a resolver for a relationship field fires a separate database query per parent record. With 1,000 users each having posts, that is 1,001 database round trips for what should be two queries. DataLoader batches these into a single WHERE id IN (...) call.

Indexing Strategies for Filtered Fields

Index design should follow your actual query patterns, not your schema structure. Start by logging all filter arguments used in production for two weeks, then build indexes around the combinations you see most often.

Index Type	Best For	Trade-offs	Example Use Case
Single Column	Equality filters	Fast reads, simple maintenance	User status filtering
Composite	Multiple filter conditions	Complex but efficient	Date range + category
Partial	Filtered subsets	Smaller index, faster writes	Active users only
Full-Text / GIN	String pattern matching	Full-text search capability	Product name search

For composite indexes, column order matters: put the most selective column first (the one that eliminates the most rows). A composite index on (status, createdAt) works well for WHERE status = 'active' AND createdAt > '2024-01-01' but not if you query by createdAt alone — in that case, add a separate single-column index on createdAt.

To keep filtered queries under control at scale, combine indexing with result limits — always enforce a maximum page size alongside your where clause arguments.

Real-World Examples and Use Cases

Here are three patterns that cover the most common production scenarios.

E-commerce product catalog — combining price range, category, rating, and stock status in one query:

query {
  products(where: {
    AND: [
      { price: { gte: 50, lte: 200 } }
      { category: { name: { in: ["electronics", "computers"] } } }
      { averageRating: { gte: 4.0 } }
      { inStock: { equals: true } }
    ]
  }) {
    id
    name
    price
    averageRating
    category { name }
  }
}

Content management — filtering articles by author properties and publication status using relationship traversal:

query {
  articles(where: {
    author: { verified: { equals: true } }
    status: { equals: "PUBLISHED" }
    publishedAt: { gte: "2024-01-01T00:00:00Z" }
  }) {
    id
    title
    author { name }
    publishedAt
  }
}

Analytics / reporting — date range with grouping context, combined with count aggregations in the resolver:

query {
  orders(where: {
    createdAt: { 
      gte: "2024-03-01T00:00:00Z"
      lte: "2024-03-31T23:59:59Z"
    }
    status: { in: ["completed", "refunded"] }
  }) {
    id
    total
    status
    createdAt
  }
}

Implementing a Search Feature with GraphQL Filters

A production search feature combines text matching with categorical filters and pagination. The key architecture decision is where full-text search lives: for simple cases, database LIKE or ILIKE with a pg_trgm index is enough. For anything requiring relevance ranking or typo tolerance, delegate text search to Elasticsearch or Typesense and use GraphQL filters for the categorical refinements.

Define search requirements: which fields are searchable, which are facets
Create input types that separate the text term from categorical filters
Implement resolver logic — push both conditions to the database in one query
Add cursor-based pagination and orderBy relevance scoring
Test with realistic data volumes (100k+ rows) before launching
Add debouncing (300–500 ms) on the frontend to avoid a query per keystroke

query SearchProducts($searchTerm: String, $filters: ProductWhereInput) {
  products(
    where: {
      AND: [
        { 
          OR: [
            { name: { contains: $searchTerm } }
            { description: { contains: $searchTerm } }
          ]
        }
        $filters
      ]
    }
    orderBy: { createdAt: desc }
    take: 20
  ) {
    id
    name
    description
    price
    category { name }
  }
}

Examples of Filter Conditions

Name-based filtering with fallback across multiple fields:

query {
  users(where: {
    OR: [
      { firstName: { contains: "John" } }
      { lastName: { startsWith: "Sm" } }
      { displayName: { equals: "johndoe" } }
    ]
  }) {
    id
    firstName
    lastName
    displayName
  }
}

Status-based workflow filtering with date constraint:

query {
  orders(where: {
    status: { in: ["pending", "processing"] }
    createdAt: { gte: "2024-01-01" }
    total: { gte: 100 }
  }) {
    id
    status
    total
    createdAt
  }
}

Date range filtering for reporting:

query {
  events(where: {
    startDate: { 
      gte: "2024-03-01T00:00:00Z"
      lte: "2024-03-31T23:59:59Z" 
    }
    category: { name: { equals: "conference" } }
  }) {
    id
    title
    startDate
    category { name }
  }
}

Common Where Clause Patterns by Platform

The same filtering logic looks different depending on which GraphQL platform you use. Here are the canonical patterns for Apollo Server, Hasura, and Prisma — knowing all three makes it easier to read code from different stacks and migrate between them.

# Apollo Server pattern — manual filter design
type Query {
  users(filter: UserFilter, sort: UserSort, limit: Int): [User!]!
}

# Hasura pattern — auto-generated from database schema
type Query {
  users(where: users_bool_exp, order_by: [users_order_by!], limit: Int): [users!]!
}

# Prisma pattern — generated types, manual resolver
type Query {
  users(where: UserWhereInput, orderBy: UserOrderByInput, take: Int): [User!]!
}

Apollo Server gives you maximum flexibility: you design the filter shape yourself. Hasura gives you automatic coverage of every column but less control over filter semantics. Prisma is the middle ground — generated types that prevent mistakes, resolver logic that is still yours to write.

If you use Hasura’s auto-generated filters, you can pair them with sorting arguments to control result order alongside the where clause — both are generated from the same schema definition.

Pagination and Filtering Together

Always combine where with a pagination argument. A filter without a limit is a denial-of-service waiting to happen on large tables.

Approach	Pros	Cons	Best For
Offset-based	Simple implementation, easy page numbers	Performance degrades with large offsets	Small datasets, admin UIs
Cursor-based	Consistent performance at any depth	More complex to implement	Large datasets, infinite scroll
Hybrid	Flexible — supports both use cases	Increased API complexity	Mixed use cases

query {
  products(
    where: { category: { name: { equals: "electronics" } } }
    first: 20
    after: "eyJpZCI6MTAwfQ=="
  ) {
    edges {
      node {
        id
        name
        price
      }
      cursor
    }
    pageInfo {
      hasNextPage
      endCursor
    }
  }
}

Cursor-based pagination with a filtered query means the cursor must encode enough state to reproduce the same ordering and filtering on the next page. A common approach is to base64-encode the last record’s id and createdAt together. Offset-based is simpler but can skip or duplicate records if data changes between pages.

Dynamic Query Structure

Use GraphQL variables to build filter objects dynamically on the client — this avoids string interpolation security risks and enables the server to cache the parsed query document separately from the variable values.

query SearchContent($hasCategory: Boolean!, $categoryFilter: CategoryWhereInput) {
  articles(where: {
    AND: [
      { published: { equals: true } }
      { category: $categoryFilter @include(if: $hasCategory) }
    ]
  }) {
    id
    title
    category { name }
  }
}

The @include(if: ...) directive conditionally omits a field from the query entirely — not just its value. This is useful when a filter section should be completely absent rather than present with a null value, which would change query semantics in some resolvers.

For queries that combine filtering with ordering, pass both where and orderBy as separate variables — this keeps the query document reusable across different sort configurations without recompilation.

More Filtering & Query Guides

GraphQL Filter Multiple Values — use IN/NOT IN to filter on a list of allowed values in one argument.
GraphQL Filter on Nested Field — apply where conditions to properties of related types without flattening your schema.
GraphQL Nested Query — traverse multiple levels of relationships in a single request.
GraphQL Sorting — combine orderBy with your where clause to return results in a predictable order.
GraphQL Limit Number of Results — always pair filtering with a result limit to protect query performance.
GraphQL Count — aggregate filtered results with a count resolver instead of fetching all matching rows.
GraphQL Distinct — deduplicate results when relationship filtering produces duplicate parent records.
GraphQL OrderBy — understand how orderBy interacts with cursor-based pagination and filtered result sets.

Frequently Asked Questions

A GraphQL where clause is a query argument — typically named where — that lets you specify conditions data must satisfy before being returned, similar to SQL’s WHERE keyword. It matters because it moves filtering logic to the server, reducing the payload sent over the network and enabling database-level optimizations like index usage. Without it, clients would need to fetch all records and filter locally, which does not scale.

A filter condition is an input object with three parts: the field to test, the operator describing the comparison, and the value to compare against. For example, { price: { gte: 100 } } means “return records where price is greater than or equal to 100.” The resolver receives this object and translates it into a database query — a SQL WHERE clause, a Prisma query, or a MongoDB aggregation stage, depending on your stack.

Standard operators include equality (eq, ne), comparison (gt, gte, lt, lte), collection (in, notIn), string matching (contains, startsWith, endsWith), and existence checks (isNull, isNotNull). Which operators are available depends on your platform: Hasura and Prisma generate them automatically from your schema, while Apollo Server requires you to define them manually in your input types.

Sibling fields inside a where object are implicitly ANDed — all conditions must match. For mixed AND/OR logic, use explicit AND, OR, and NOT fields on your input type: { OR: [{ status: { eq: "active" } }, { role: { eq: "admin" } }] } returns records that are either active or admin. Deep nesting is valid but test the performance impact — each OR branch can trigger a separate index scan.

In the resolver, extract the where argument and map each filter condition to your database query layer. With Prisma, you can pass the where object directly to findMany() since Prisma’s generated types match the GraphQL input shape. With a raw ORM, iterate over the filter fields and build the query programmatically. Always validate and sanitize inputs before constructing dynamic queries to prevent injection attacks, and push all filtering to the database — never filter in-memory after fetching all rows.

GraphQL where clause powerful data filtering for modern queries