Access Control in GraphQL

Access Control in GraphQL

This post is from early 2016. We published an updated post on this topic in 2018, which you can read here:Authorization in GraphQLPractical methods for controlling access to the data in your APIdev-blog.apollodata.com If you like, you can read the original content of this post below!

A GraphQL schema defines types. Each type — except for scalar types like Int, Float or String — has fields which define the relationship between this type and other types (one to one, or one to many). If you think about your schema in terms of a graph, types are the nodes of your graph, and fields are edges. Scalar types have no fields, so they form the leaf nodes of your graph.

A GraphQL query is just an instruction for traversing the graph in a specific way, resulting in a tree.

When traversing a tree, you would start at the root, but a graph has no root so there is no logical starting point!

graphql access control

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

GraphQL Access Control

We published an updated post on this topic in 2018. Since a GraphQL query is just a set of instructions for how to traverse the graph, there are two natural options for enforcing permissions: Which edges the user can traverse and Which nodes the user can visit.

Access Control in Nebula Graph: Design, Code, and Operations

In this article, we will detail user management with roles and privileges of Nebula Graph.

How to use GraphQL with Javascript – GraphQL.js tutorial

GraphQL is first and foremost. GraphQL.js is the definitive JavaScript GraphQL implementation, but most of us are using GraphQL to build backend APIs. For that to work, we need to serve GraphQL over HTTP.

A GraphQL Service for Asset Control

In this post, I would like to show how to implement a GraphQL service for FX rates stored in Asset Control. In a subsequent article I will then make use of the GraphQL data in a small React app to generate charts for these FX rates.

The World Needs Web Accessibility Now More Than Ever

I attended a talk last year by Mike Gifford where he said, “the web has actually become LESS accessible since 2011.” It’s cheap and easy for anyone to create a website these days, and hardly anyone considers accessibility. And why would you? If it’s not in your daily purview, it’s not going into your list of website requirements. Heck, most people don’t even think of the end user, Disabled or not, when creating a website.