You can utilize the
hasScope helper function in order to specify the security scope that the user must possess in order to be able to access a specific field in your GraphQL schema.
To learn more about security scopes, click here.
The following example shows a complete definition of a simple GraphQL schema (defined using the
graphql-schema plugin), with the
hasScope helper function used to wrap resolvers with required scope.
To learn more about creating the GraphQL schema and the
graphql-schemaplugin, click here.
Upon accessing the GraphQL field, if the user possesses the required scope, the GraphQL field's resolver will be executed. Otherwise, the resolver execution will be prevented, and the following error message will be returned in the response: