Authorization
Learn how to validate authentication in GraphQL servers.
We'll cover the following
Authorization
Authorization is a business logic that expresses whether a given user/session/context
can invoke an operation, such as reading or writing a piece of data. The following is an example of authorization: “Only admin can edit pizzas.”
Enforcing this kind of behavior should happen in the business logic layer. It’s tempting to place authorization logic in the GraphQL layer like this:
Get hands-on with 1400+ tech skills courses.