David Martin created an issue

AeroGear / AEROGEAR-2857 Spike: Authentication & Authorisation with graphql Issue Type: Task Assignee: Unassigned Created: 24/May/18 10:29 AM Labels: team-service-2 Priority: Major Reporter: David Martin provision keycloak and configure the showcase app to use it after login, send the authentication token with all graphql requests from the android app on the server, use the token to lookup user roles in keycloak and verify authZ checks can be done in graphql server resolvers investigate how generic an authZ configuration can be made, regardless of what the schema definition is e.g. can tables, rows, fields be locked down by the developer simply setting roles in keycloak? Add Comment

This message was sent by Atlassian JIRA (v7.5.0#75005-sha1:fd8c849)