[SUBMIT] A complete guide to Authorization in GraphQL and Jamstack

[Qodestackr]

Introduction

One of the de facto standards of tackling how decoupled systems interact together is by building APIs. In recent years, GraphQL and Jamstack solutions has gained popularity in developing experiencs. GraphQL spec uses a declarative query language that favors flexible queries to your client's demands. On the backend, you create a strongly typed schema to resolve data so the clients can send arbitrary queries for the exact data they want, which you will validate against your schema.

This article will explain how we can leverage various authorization strategies in a Jamstack architecture.

Goals

We will build an authorization system with GraphQL and discuss how this can be implemented in a Jamstack architecture.

Outline

• What is Jamstack?
• Role based access controls
• Attribute based access controls
• Authorization at resolvers
• App-wide authorization
• Authorization at the data layers
• Global authorization with Cerbos - a tool that turns authorization logic into configuration
• Best practices
• Conclusion

Sample articles

No response

[endymion1818]

hi @Qodestackr, thanks for your submission, can I ask a bit more detail about how you plan to feature Webiny in this article?

[Qodestackr]

Reason for thought about this: Webiny heavily relies on GraphQL. Creating content around GraphQL is helpful to the end user in my opinion and how they approach the platform.

[endymion1818]

Thanks Wilson, I don't think this is as needed as your other submission (#105), let's close this one and get you on that.

[Qodestackr]

👍

Thanks Wilson, I don't think this is as needed as your other submission (#105), let's close this one and get you on that.

👍 Sure. Let me work on the other article.