Auth rules for @lamdba queries/mutations

Is it possible to define auth rules for a lambda query/mutation in the GraphQL schema being sent to Dgraph?

Something like

Query
{
    myAdminOnlyQuery(...): [MyResultType] @auth(...) @lamdba
}

If it’s not possible to define the auth rule in the GraphQL schema, is it possible to access JWT information inside the lambda body to perform custom auth checks there?

2 Likes

Hi, You can access the JWT token inside your lambda from authHeader.

As of today it is not possible to use @auth directive on @lambdas, there is however a WIP to add @auth rules to @custom DQL directives (unfortunately not yet for @lambdas). see WIP: Auth rules custom DQL query

I believe the support for @auth rules on @custom directive is not yet shipped on the latest stable release (v21.03), but apparently it is merged on the main dgraph branch (don’t quote me on this).