graphql-java-spring-boot-example icon indicating copy to clipboard operation
graphql-java-spring-boot-example copied to clipboard

Published 20 hours ago verified publisher icon eh3rrera

Authorization.

Open ronen1malka opened this issue 5 years ago • 2 comments

Hi, Great article! Can you please give some details on Authorization? In REST we can use spring security to protect unauthorized call to endpoints. In GraphQL we have only one endpoint. What are the alternatives? Also, Is it possible to protect fields (hide?) from specific users?

ronen1malka avatar Mar 25 '19 07:03 ronen1malka

Hi, thanks!

Authentication/Authorization is usually done with JWT/OAuth, but here are two tutorials that you might find useful:

  • https://www.howtographql.com/graphql-java/5-authentication/
  • https://mi3o.com/spring-graphql-security/

Also to protect (hide) fields, you can check out field visibility.

eh3rrera avatar Mar 25 '19 16:03 eh3rrera

Thanks!

From: Esteban Herrera Sent: Monday, 25 March 2019 18:05 To: eh3rrera/graphql-java-spring-boot-example Cc: ronen1malka; Author Subject: Re: [eh3rrera/graphql-java-spring-boot-example] Authorization. (#12)

Hi, thanks! Authentication/Authorization is usually done with JWT/OAuth, but here are two tutorials that you might find useful: • https://www.howtographql.com/graphql-java/5-authentication/ • https://mi3o.com/spring-graphql-security/ Also to protect (hide) fields, you can check out field visibility. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.

ronen1malka avatar Mar 26 '19 07:03 ronen1malka