7 Adding authorization and authentication

This chapter covers

  • Adding authentication and authorization to our application, including both the GraphQL API and our frontend React application
  • Using JSON Web Tokens (JWTs) to encode user identity and permissions
  • Expressing and enforcing authorization rules in our GraphQL schema using the @auth GraphQL schema directive
  • Using Auth0 as a JWT provider and the Auth0 React SDK to add Auth0 support to our application

Authentication (verifying a user’s identity) and authorization (verifying which resources a user can access) are needed to secure any application—ensuring users have the permissions that they should have and protecting the application's data and actions, on both the frontend and the backend. So far, both ...

Get Full Stack GraphQL Applications now with the O’Reilly learning platform.
