Bird
0
0

How can you combine schema definition with authorization logic to enforce access control in a GraphQL API?

hard📝 Application Q9 of 15
GraphQL - Schema Definition Language (SDL)
How can you combine schema definition with authorization logic to enforce access control in a GraphQL API?
ABoth A and C are valid approaches
BDefine schema normally and implement authorization in resolvers
CUse schema directives to embed authorization checks
DAdd authorization rules directly inside the schema syntax
Step-by-Step Solution
Solution:

  1. Step 1: Recognize schema's role vs authorization

    Schema defines data shape; authorization is usually handled in resolvers or directives.

  2. Step 2: Identify valid methods to enforce authorization

    Authorization can be done in resolvers or via schema directives that add checks.

  3. Final Answer:

    Both A and C are valid approaches -> Option A

  4. Quick Check:

    Authorization via resolvers or directives = B [OK]
Quick Trick: Use resolvers or directives for authorization [OK]
Common Mistakes:
  • Thinking schema syntax alone handles authorization
  • Ignoring schema directives as an option
  • Assuming authorization is automatic

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More GraphQL Quizzes
GraphQL Basics and Philosophy - Single endpoint architecture - Quiz 10hard GraphQL Basics and Philosophy - Single endpoint architecture - Quiz 12easy GraphQL Basics and Philosophy - Over-fetching and under-fetching problems - Quiz 12easy Mutations - Mutation return types - Quiz 13medium Resolvers - Default resolvers - Quiz 12easy Schema Definition Language (SDL) - List types - Quiz 6medium Type Relationships - One-to-one relationships - Quiz 11easy Type Relationships - Many-to-many relationships - Quiz 12easy Type Relationships - Relationship design patterns - Quiz 10hard Type Relationships - Bidirectional relationships - Quiz 14medium