Roles are simply strings, like "admin" or "user", that can be attached to a user. Then, based on the roles of the user and the rules you've defined, WunderGraph determines if a user is allowed to execute an Operation.
Find below an annotated Operation showcasing all available options to use the
A common use case is that you want to grant access to an operation explicitly to a single role. In this case, you'd use the
requireMatchAll rule like below:
By attaching role based access rules to operations, we're almost done. What's missing is to actually grant our users certain roles. For that, we've got to implement a hook, which is described in the hooks section on authentication.