Hypi includes three types of permissions. Resource based permissions applies to specified objects and allows controlling access to them.
Scope based permissions are to control access to GraphQL fields. That includes fields on the
This can be used to prevent access to certain GraphQL fields.
Type based permissions apply to all data of a given type. e.g. if your data model has a type called
Orders it can be used to ensure only those with the
Accounting Team role can access
Note: It is recommended that you use
ResourceBasedPermission most often. The other two can affect a broad scope and mistakenly deny access to data that they shouldn't apply to.
Scope based permissions control access based on the GraphQL fields of the types in an app.
There are two types of scope based permissions.
- Applies only to specific resources
- Applies globally when no resource specific permission exists
Controls access based on a specific object.
Controls access based on the GraphQL type.
All three permission types controls who has access to data by applying policies.