How to Use @auth Directive With Amplify GraphQL Schema For Beginners
Secure Your Data In Amplify GraphQL
This short article will explain how to use @auth with an Amplify schema to create authorization rules for users accessing the API’s data.
What is the @auth Directive?
The @auth directive is a decorator that you add to your schema to control who has access to what data in your API. It is AWS’s method of implementing authorization rules.
You can use the @auth directive on the top level of schema objects and also on individual fields in the objects. The simplest form of the directive is shown below:
Here @auth is used at the top level of the Post schema. The rule above allows any signed-in user to create a Post record.
The AWS documentation has handy tables that outline what this rule will allow:
There is another field called operations that you can use in the rules object to limit operations individually. If you specifically use the operations field to limit operations, and you do not include the create rule, the owner information will not be saved with the record. For instance, the following rule will not save the owner with the record:
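As an added illustration (not the article's own code): the first type below limits an owner rule to update and delete, which is the case described above where no owner is saved, and the second type includes create. The type and field names (Note, Draft, content) are assumptions.

```graphql
# Added example; Note, Draft and content are assumed names.

# Owner rule limited to update and delete. `create` is not listed, so,
# as the article describes, the owner is not saved with new records.
# Owner-based checks on later operations then have no stored owner to match.
type Note
  @model
  @auth(rules: [{ allow: owner, operations: [update, delete] }]) {
  id: ID!
  content: String!
}

# Same rule with `create` included. The owner is saved when the record
# is created, so the update and delete checks can compare the caller
# against it.
type Draft
  @model
  @auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
  id: ID!
  content: String!
}
```

When reviewing a schema, check every owner rule that carries an operations list and confirm that create is in it.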