JWT claims in resolver context

Tom HouléTom Houlé
JWT claims in resolver context

Access JWT claims from custom resolvers

With custom resolvers, you can easily augment your GraphQL API with new fields and types. These resolvers have access to the parent type, field arguments and context. The main piece of useful data in context so far was the HTTP headers of the request:

export default function Resolver(_, __, { request }) {
  const { headers } = request

  // ...
}

In addition to the headers, you can now access the JWT claims of any valid, verified JWT that was included in the request. The request.jwtClaims field is always a plain object.

export default function Resolver(_, __, { request }) {
  const { jwtClaims } = request

  if (jwtClaims.groups.includes('writer')) {
    // Do something
  } else {
    // Do something else
  }
}

Read more about Auth Providers in the docs to understand how you can use JWTs for authentication in Grafbase.

We'd love to hear your feedback and ideas, so join us on Discord.