Custom authorizer provider added

Tomas OlveckyTomas OlveckyJamie BartonJamie Barton
Custom authorizer provider added

We just added a new authorizer provider type!

Developers building multi-tenant applications can now implement custom JWT verification using a custom function written in TypeScript or JavaScript.

import { auth, config, graph } from '@grafbase/sdk' const g = graph.Standalone() const authorizer = auth.Authorizer({ name: 'my-authorizer-function', }) export default config({ graph: g, auth: { providers: [authorizer], }, })

Then inside grafbase/auth/my-authorizer-function.ts you can use the context from the request to return a custom JWT that can specify the claims sub and groups which also work owner and group based rules.

export default function ({ request }) { const { headers } = request const jwt = headers['authorization'] // Verify JWT... return { identity: { sub: 'user1', groups: ['g1'] } } }

If the returned object does not contain the identity key, public auth will be used instead.

We'd love to hear your feedback and ideas, so join us on Discord.