You should disable GraphQL introspection in production as it can reveal sensitive information and make it easier for malicious parties to discover vulnerabilities, instead consider using a schema registry like Apollo Studio to securely enable access to your graph and data.