You can now apply rules at the model level in your schema.
Consider the following global rules:
schema
@auth(
providers: [{ type: oidc, issuer: "{{ env.ISSUER_URL }}" }]
rules: [{ allow: private, operations: ["read"] }]
) {
query: Query
}
type User @model {
title: String!
}
Now let's add the @auth directive to the User model:
schema
@auth(
providers: [{ type: oidc, issuer: "{{ env.ISSUER_URL }}" }]
rules: [{ allow: private, operations: ["read"] }]
) {
query: Query
}
type User
@model
@auth(
rules: [
{ allow: private, operations: ["read"] }
{ allow: groups, groups: ["admin"] }
]
) {
title: String!
}
You can see from the example that even group-based auth can be configured on a per model basis — learn more. These rules will override the global auth.
We'd love to hear your feedback and ideas, so join us on Discord.