Authentication and authorization for Graphback
Graphback integration allows developers to use their own authentication and authorization solution. Graphback will work with any existing Node.js library like Express or Fastify thus any authentication library that works on top of those framework will be supported.
For authorization developers can write their own class that extends
GraphbackProxyService allows developers to wrap any other services by giving ability to execute
pre and post crud operation handlers. Pre and post operations can be used to provide authorization rules
and prevent from unautorized access.
#Out of the box Authorization on top of the Graphback
Graphback recomends using following authorization libraries
- Passport.js if you looking for in application authorization and authentication mechanisms.
- Keycloak SSO - Standalone SSO server offering integration with various social OAuth logins and federating users.
Graphback provides out of the box support for Keycloak SSO thanks to @graphback/keycloak-authz that utilizes https://github.com/aerogear/keycloak-connect-graphql library