Fine Grained Authorisation

Can people indicate the best approach to fine-grained authorisation within a T3 stack app? This means for each authenticated user, we have an Access Control List (ACL) which contains all the fine-grained privileges a user has. Most examples are just trivial, e.g. two roles, Admin and User. In real-world business apps, we construct roles from many fine-grained privileges. For each use case we need to control the UI elements and API calls which are allowed. This means grey-outs or removal of UI elements, and restricting API calls. The API (which may be via GraphQL at this time) already checks the ACL and throws errors as appropriate. As we move to tRPC we will need the same. We are using NextAuth. What libraries or approaches can be recommended for implementing FGA in the T3 world?
0 Replies