The Guild LogoThe Guild Monogram

Search docs

Search icon

Products by The Guild


Hive logoHive blurred logo


Schema Registry for your GraphQL Workflows

Envelop Logo


Get Started

Plugin Hub > useOperationFieldPermissions

yarn add @envelop/operation-field-permissions


Disallow executing operations that select certain fields. Useful if you want to restrict the scope of certain public API users to a subset of the public GraphQL schema, without triggering execution (e.g. how graphql-shield works).

Note: This plugin and authorization on a resolver level (or via middleware) are complementary. You should still verify whether a viewer is allowed to access certain data within your resolvers.


yarn add @envelop/operation-field-permissions

Usage Example#

import { envelop, useSchema } from '@envelop/core'; import { useOperationFieldPermissions } from 'envelop/operation-field-permissions'; const getEnveloped = envelop({ plugins: [ useSchema(schema), useOperationFieldPermissions({ // we can access graphql context here getPermissions: async context => new Set(['Query.greetings', ...context.viewer.permissions]), }), /* ... other envelops */ ], });


type Query { greetings: [String!]! foo: String }


query { foo }


{ "data": null, "errors": [ { "message": "Insufficient permissions for selecting ''.", "locations": [ { "line": 2, "column": 2 } ] } ] }

Plugin Details