Directives Reference

@fromClaim Directive

WunderGraph builds on top of OpenID Connect for authentication. When a user is authenticated, we're storing all their claims in a cookie.

When defining your GraphQL Operations, you're able to use the @fromClaim directive to access the claims of the user and inject them into variables.

Here's an example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
mutation (
$name: String! @fromClaim(name: NAME)
$email: String! @fromClaim(name: EMAIL)
$message: String! @jsonSchema(pattern: "^[a-zA-Z 0-9]+$")
) {
createOnepost(
data: {
message: $message
user: {
connectOrCreate: {
where: { email: $email }
create: { email: $email, name: $name }
}
}
}
) {
id
message
user {
id
name
}
}
}

We're injecting the name and email claims into the $name and $email variables. The variables are removed from the exported JSON RPC API. This means, the user cannot set them manually, JSON Schema validation would prevent this automatically.

Additionally, applying the @jsonSchema directive to an operation will automatically enable an authentication check. So, the user must be authenticated to execute the operation.

Previous
Overview

Was this article helpful to you?
Provide feedback

Edit this page