Page Contents

Home > @loopback/authorization > AuthorizationOptions

AuthorizationOptions interface

Signature:

export interface AuthorizationOptions 

Properties

Property Type Description
defaultDecision AuthorizationDecision.DENY | AuthorizationDecision.ALLOW Default decision if all authorizers vote for ABSTAIN If not set, default to AuthorizationDecision.DENY
defaultMetadata AuthorizationMetadata Default authorization metadata if a method is not decorated with @authorize. If not set, no authorization will be enforced for those methods that are not associated with authorization metadata.
defaultStatusCodeForDeny number Default HTTP status code when the final decision is AuthorizationDecision.DENY. If not set, default to 403
precedence AuthorizationDecision.DENY | AuthorizationDecision.ALLOW Controls if Allow/Deny vote takes precedence and override other votes. If not set, default to AuthorizationDecision.DENY.Once a vote matches the precedence, it becomes the final decision. The rest of votes will be skipped.