WIP: use this directive when:

  1. @requireRoles could not be used due to resource ids not being available
  2. the field resolver doesn't implement the authorization itself This directive is ran after the object is resolved and the objects are filtered based on their ids and the roles available in the auth context. The downside of using this, is that paging requests may yield less than a page size results (in the worst case 0) and the client will have to check the warnings section for explanation amd figure out if the result iteration should be continued.

link GraphQL Schema definition

1directive @verifyAuthRoleAccess(roles: [AuthRoleRequirement]!, orgRole: [AuthPermissionType!], throwErr: Boolean) on QUERY | FIELD | FIELD_DEFINITION | OBJECT

link Required by

This element is not required by anyone