UNPKG

@loopback/docs

Version:

Documentation files rendered at [https://loopback.io](https://loopback.io)

github.com/loopbackio/loopback-next/tree/master/docs

loopbackio/loopback-next

57 lines (40 loc) 2.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
--- lang: en title: 'API docs: security' keywords: LoopBack 4.0, LoopBack 4, Node.js, TypeScript, OpenAPI sidebar: lb4_sidebar editurl: https://github.com/loopbackio/loopback-next/tree/master/packages/security permalink: /doc/en/lb4/apidocs.security.html --- <!-- Do not edit this file. It is automatically generated by API Documenter. --> [Home](./index.md) &gt; [@loopback/security](./security.md) ## security package Common types/interfaces for LoopBack 4 security including authentication and authorization. ## Remarks - Subject - It's the "who" for security - contains a set of Principles, a set of Credentials, and a set of Permissions - Principle - Represent a user, an application, or a device - Credential - Security attributes used to authenticate the subject. Such credentials include passwords, Kerberos tickets, and public key certificates. - Permission - It's the what for security. ## Classes | Class | Description | | --- | --- | | [DefaultSubject](./security.defaultsubject.md) | Default implementation of <code>Subject</code> | | [Permission](./security.permission.md) | <code>Permission</code> defines an action/access against a protected resource. It's the <code>what</code> for security.<!-- -->There are three levels of permissions<!-- -->- Resource level (Order, User) - Instance level (Order-0001, User-1001) - Property level (User-0001.email) | | [TypedPrincipal](./security.typedprincipal.md) | | ## Interfaces | Interface | Description | | --- | --- | | [ClientApplication](./security.clientapplication.md) | | | [Credential](./security.credential.md) | Security attributes used to authenticate the subject. Such credentials include passwords, Kerberos tickets, and public key certificates. | | [Organization](./security.organization.md) | | | [Principal](./security.principal.md) | Represent a user, an application, or a device | | [Role](./security.role.md) | | | [Scope](./security.scope.md) | oAuth 2.0 scope | | [Subject](./security.subject.md) | <code>Subject</code> represents both security state and operations for a single request. It's the <code>who</code> for security.<!-- -->Such operations include: - authentication (login) - authorization (access control) - session access - logout | | [Team](./security.team.md) | | | [UserProfile](./security.userprofile.md) | The minimum set of attributes that describe a user. | ## Namespaces | Namespace | Description | | --- | --- | | [SecurityBindings](./security.securitybindings.md) | Binding keys for security related metadata | ## Variables | Variable | Description | | --- | --- | | [securityId](./security.securityid.md) | A symbol for stringified id of security related objects |