7 Adding authorization and authentication
This chapter covers
- Adding authentication and authorization to our application, including both the GraphQL API and our frontend React application
- Using JSON Web Tokens (JWTs) to encode user identity and permissions
- Expressing and enforcing authorization rules in our GraphQL schema using the @auth GraphQL schema directive
- Using Auth0 as a JWT provider and the Auth0 React SDK to add Auth0 support to our application
Authentication (verifying a userâs identity) and authorization (verifying resources users can access) are needed to secure any applicationâensuring users have the permissions that they should and protecting data and actions of the application, both on the frontend and backend. So far, both ...