Authorization

Learn how to validate authentication in GraphQL servers.

We'll cover the following

Authorization

Authorization is a business logic that expresses whether a given user/session/context can invoke an operation, such as reading or writing a piece of data. The following is an example of authorization: “Only admin can edit pizzas.”

Enforcing this kind of behavior should happen in the business logic layer. It’s tempting to place authorization logic in the GraphQL layer like this:

Get hands-on with 1400+ tech skills courses.