Graphback Keycloak Authz
Graphback Keycloak Authz enables Keycloak integration in Graphback based applications. This enables you to declaratively add authorization capabilities like role based access on top of the CRUD model that is used within Graphback.
This package is designed to work with
keycloak-connect is the official Keycloak middleware for Express applications.
keycloak-connect-graphql provides deeper Keycloak integration into GraphQL servers.
NOTE: This package is an early alpha and not officially supported by Graphback
This module requires you to install the following dependencies into your application.
Then follow the Getting started instructions for
Once the getting started instructions are covered, you must create a configuration that defines the authorization rules for each model within your Graphback application.
Here is an example configuration.
With this configuration the following rules are in place.
- All users can create and read
Tasktypes but only admins can update and delete them.
- Admin users can create, update and delete
Reporttypes, and all users can read them.
Example with Graphback Runtime
During server initialization, use the
createKeycloakCRUDService function to initialize the KeycloakCrudService instances for each model.
The following example shows just the necessary parts to set up the runtime services in Graphback.
The above example shows runtime set up using the KnexDbDataProvider, but other data providers such as the
MongoDBDataProvider can also be passed.