Skip to main content

GraphQL Citadel

Easy to use schema-first GraphQL schema directive for authentication and authorization

Security first

Schema-first, so you can impose policies declaratively. Deny-By-Default makes your application prevent unintentional security leaks.

runner_start

Easy to use

Write a resolver and just add a schema directive (e.g. @hasPermission) to your query or your mutation. It will force a policy to your operation.

Powered by graphql-tools

Works with the existing ecosystem! You can use GraphQL Citadel with any GraphQL toolings.