Page Contents

Home > @loopback/authorization > AuthorizationOptions

AuthorizationOptions interface


export interface AuthorizationOptions 


Property Modifiers Type Description
defaultDecision?   AuthorizationDecision.DENY | AuthorizationDecision.ALLOW (Optional) Default decision if all authorizers vote for ABSTAIN If not set, default to AuthorizationDecision.DENY
defaultMetadata?   AuthorizationMetadata (Optional) Default authorization metadata if a method is not decorated with @authorize. If not set, no authorization will be enforced for those methods that are not associated with authorization metadata.
defaultStatusCodeForDeny?   number (Optional) Default HTTP status code when the final decision is AuthorizationDecision.DENY. If not set, default to 403
precedence?   AuthorizationDecision.DENY | AuthorizationDecision.ALLOW <p>(Optional) Controls if Allow/Deny vote takes precedence and override other votes. If not set, default to AuthorizationDecision.DENY.</p><p>Once a vote matches the precedence, it becomes the final decision. The rest of votes will be skipped.</p>