Secure your
app with ease
Configure auth in minutes with your identity provider. Manage complex permissions using role-based access control with OpenID Connect or JWT.
Integrates with
Seamless integration
Grafbase works out of the box with popular authentication strategies.
Permissions made easy
Grafbase sits between your user management provider and database making sure only those who should have access, do.
Signed-in rules
Create rules for any signed-in user to access any data source in your Grafbase backend.
Group-based rules
Create rules for user groups and roles with custom claims managed by the connected auth provider.
Global rules
Opt-out of signed-in and role-based access control by configuring access to any data source with global rules.
Type-level rules
Create rules for specific models that control access for signed-in or group-based users.
Field-level rules
Create rules for fields of models that control access for signed-in or group-based users.
Operation rules
Create rules for signed-in or group-based users to restrict who can create, read, update, and delete data.