I want to secure my API server (nodejs/apollo-server-express 3.x/graphql) and tried to use the recently published express-oauth2-jwt-bearer SDK from Auth0.
Authentication seems to be working fine but when it comes to authorization, which has to be done on the resolver level, I don’t know how to do this. The library has e.g. a requiredScopes handler but how and where can I use this?
The tutorial only mentions the usual REST API, but doesn’t mention a graphql solution. Would be great if such an example would be added to the tutorial!
Thanks for any hints or solutions!