Skip to content

Connectum API Reference / @connectum/auth / AuthzRule

Interface: AuthzRule

Defined in: packages/auth/src/types.ts:81

Authorization rule definition.

When a rule has requires, the match semantics are:

  • roles: "any-of" -- the user must have at least one of the listed roles.
  • scopes: "all-of" -- the user must have every listed scope.

Properties

effect

readonly effect: AuthzEffect

Defined in: packages/auth/src/types.ts:87

Effect when rule matches


methods

readonly methods: readonly string[]

Defined in: packages/auth/src/types.ts:85

Method patterns to match (e.g., "admin.v1.AdminService/*", "user.v1.UserService/DeleteUser")


name

readonly name: string

Defined in: packages/auth/src/types.ts:83

Rule name for logging/debugging


requires?

readonly optional requires: object

Defined in: packages/auth/src/types.ts:94

Required roles/scopes for this rule.

  • roles uses "any-of" semantics: user needs at least one of the listed roles.
  • scopes uses "all-of" semantics: user needs every listed scope.

roles?

readonly optional roles: readonly string[]

scopes?

readonly optional scopes: readonly string[]