mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-15 09:22:43 +03:00
docs: update authz docs
Based on this [feedback](https://hasurahq.slack.com/archives/C015EA71MU0/p1651061643434309). PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4403 Co-authored-by: Rikin Kachhia <54616969+rikinsk@users.noreply.github.com> GitOrigin-RevId: 68bff5f9fa3dea8a4b7bff43be17982fa52e3d36
This commit is contained in:
parent
cdf5e3b5f0
commit
b2ff3162c1
@ -15,14 +15,9 @@ import Thumbnail from "@site/src/components/Thumbnail";
|
||||
|
||||
## Overview
|
||||
|
||||
Hasura supports **role-based** authorization where access control is
|
||||
done by creating rules for each role, table and operation (*insert*,
|
||||
*update*, etc.). These access control rules use dynamic session
|
||||
Hasura supports **role-based** authorization where access control is done by creating rules for each role and operation. In the case of database tables, you can create rules for database operations (select, insert, update, delete) and in the case of [remote schemas](/graphql/core/remote-schemas/index.mdx), you can define rules for access to fields. These access control rules use dynamic session
|
||||
variables that are passed to the GraphQL engine from your
|
||||
[authentication service](/graphql/core/auth/authentication/index.mdx) with every request. Role
|
||||
information is inferred from the `X-Hasura-Role` and
|
||||
`X-Hasura-Allowed-Roles` session variables. Other session variables can
|
||||
be passed by your auth service as per your requirements.
|
||||
[authentication service](/graphql/core/auth/authentication/index.mdx) with every request. Role information is inferred from the `X-Hasura-Role` and `X-Hasura-Allowed-Roles` session variables. Other session variables can be passed by your auth service as per your requirements.
|
||||
|
||||
**For example:**
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user