Page Contents
security package
Common types/interfaces for LoopBack 4 security including authentication and authorization.
Remarks
- Subject - It’s the “who” for security - contains a set of Principles, a set of Credentials, and a set of Permissions - Principle - Represent a user, an application, or a device - Credential - Security attributes used to authenticate the subject. Such credentials include passwords, Kerberos tickets, and public key certificates. - Permission - It’s the what for security.
Classes
| Class | Description |
|---|---|
| [DefaultSubject](/doc/en/lb4/apidocs.security.defaultsubject.html) | Default implementation of `Subject` |
| [Permission](/doc/en/lb4/apidocs.security.permission.html) | `Permission` defines an action/access against a protected resource. It's the `what` for security. There are three levels of permissions - Resource level (Order, User) - Instance level (Order-0001, User-1001) - Property level (User-0001.email) |
| [TypedPrincipal](/doc/en/lb4/apidocs.security.typedprincipal.html) |
Interfaces
| Interface | Description |
|---|---|
| [ClientApplication](/doc/en/lb4/apidocs.security.clientapplication.html) | |
| [Credential](/doc/en/lb4/apidocs.security.credential.html) | Security attributes used to authenticate the subject. Such credentials include passwords, Kerberos tickets, and public key certificates. |
| [Organization](/doc/en/lb4/apidocs.security.organization.html) | |
| [Principal](/doc/en/lb4/apidocs.security.principal.html) | Represent a user, an application, or a device |
| [Role](/doc/en/lb4/apidocs.security.role.html) | |
| [Scope](/doc/en/lb4/apidocs.security.scope.html) | oAuth 2.0 scope |
| [Subject](/doc/en/lb4/apidocs.security.subject.html) | `Subject` represents both security state and operations for a single request. It's the `who` for security. Such operations include: - authentication (login) - authorization (access control) - session access - logout |
| [Team](/doc/en/lb4/apidocs.security.team.html) | |
| [UserProfile](/doc/en/lb4/apidocs.security.userprofile.html) | The minimum set of attributes that describe a user. |
Namespaces
| Namespace | Description |
|---|---|
| [SecurityBindings](/doc/en/lb4/apidocs.security.securitybindings.html) | Binding keys for security related metadata |
Variables
| Variable | Description |
|---|---|
| [securityId](/doc/en/lb4/apidocs.security.securityid.html) | A symbol for stringified id of security related objects |