Skip to Content


Published: 2022-05-24

Aside from authentication, authorization is another important aspect of building applications.

RBAC - Role Based Access Control#

WunderGraph supports role based access control to implement authorization. By default, a WunderGraph application has two roles, "user" and "admin". You can modify the roles via the configuration object passed to configureWunderGraphApplication.

// wundergraph.config.ts
authorization: {
roles: [

Once the roles are defined, they become available for the @rbac directive. You can use this directive to attach rules to Operations so that WunderGraph can determine if a user is allowed to execute an Operation.

Learn more on how to use the @rbac directive in the directives' documentation.



Subscribe to our newsletter!

Stay informed when great things happen! Get the latest news about APIs, GraphQL and more straight into your mailbox.

© 2022 WunderGraph