@loopback/docs/site/apidocs/authorization.md

Documentation files rendered at [https://loopback.io](https://loopback.io)

---
lang: en
title: 'API docs: authorization'
keywords: LoopBack 4.0, LoopBack 4, Node.js, TypeScript, OpenAPI
sidebar: lb4_sidebar
editurl: https://github.com/loopbackio/loopback-next/tree/master/packages/authorization
permalink: /doc/en/lb4/apidocs.authorization.html
---

<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [@loopback/authorization](./authorization.md)

## authorization package

A LoopBack 4 component for authorization support (Role based, Permission based, Vote based)

## Remarks

To read on key building blocks read through [LoopBack authorization docs](https://loopback.io/doc/en/lb4/Loopback-component-authorization.html)

## Classes

<table><thead><tr><th>

Class


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[AuthorizationComponent](./authorization.authorizationcomponent.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AuthorizationError](./authorization.authorizationerror.md)


</td><td markdown="1">

The custom error class that describes the error thrown by the authorization module. Should be extracted to the common layer shared by authentication and authorization.


</td></tr>
<tr><td markdown="1">

[AuthorizationInterceptor](./authorization.authorizationinterceptor.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AuthorizeMethodDecoratorFactory](./authorization.authorizemethoddecoratorfactory.md)


</td><td markdown="1">


</td></tr>
</tbody></table>

## Enumerations

<table><thead><tr><th>

Enumeration


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[AuthorizationDecision](./authorization.authorizationdecision.md)


</td><td markdown="1">

Decisions for authorization


</td></tr>
</tbody></table>

## Functions

<table><thead><tr><th>

Function


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[authorize(spec)](./authorization.authorize.md)


</td><td markdown="1">

Decorator `@authorize` to mark methods that require authorization


</td></tr>
<tr><td markdown="1">

[getAuthorizationMetadata(target, methodName)](./authorization.getauthorizationmetadata.md)


</td><td markdown="1">

Fetch authorization metadata stored by `@authorize` decorator.


</td></tr>
</tbody></table>

## Interfaces

<table><thead><tr><th>

Interface


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[AuthorizationContext](./authorization.authorizationcontext.md)


</td><td markdown="1">

Request context for authorization


</td></tr>
<tr><td markdown="1">

[AuthorizationMetadata](./authorization.authorizationmetadata.md)


</td><td markdown="1">

Authorization metadata supplied via `@authorize` decorator


</td></tr>
<tr><td markdown="1">

[AuthorizationOptions](./authorization.authorizationoptions.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AuthorizationRequest](./authorization.authorizationrequest.md)


</td><td markdown="1">

Inspired by https://github.com/casbin/node-casbin


</td></tr>
<tr><td markdown="1">

[Enforcer](./authorization.enforcer.md)


</td><td markdown="1">

An enforcer of authorization policies


</td></tr>
</tbody></table>

## Namespaces

<table><thead><tr><th>

Namespace


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[AuthorizationBindings](./authorization.authorizationbindings.md)


</td><td markdown="1">

Binding keys used by authorization component.


</td></tr>
<tr><td markdown="1">

[AuthorizationTags](./authorization.authorizationtags.md)


</td><td markdown="1">

Binding tags used by authorization component


</td></tr>
<tr><td markdown="1">

[authorize](./authorization.authorize.md)


</td><td markdown="1">


</td></tr>
</tbody></table>

## Variables

<table><thead><tr><th>

Variable


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[ANONYMOUS](./authorization.anonymous.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AUTHENTICATED](./authorization.authenticated.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AUTHORIZATION\_CLASS\_KEY](./authorization.authorization_class_key.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[AUTHORIZATION\_METHOD\_KEY](./authorization.authorization_method_key.md)


</td><td markdown="1">


</td></tr>
<tr><td markdown="1">

[EVERYONE](./authorization.everyone.md)


</td><td markdown="1">

Built-in roles


</td></tr>
<tr><td markdown="1">

[UNAUTHENTICATED](./authorization.unauthenticated.md)


</td><td markdown="1">


</td></tr>
</tbody></table>

## Type Aliases

<table><thead><tr><th>

Type Alias


</th><th>

Description


</th></tr></thead>
<tbody><tr><td markdown="1">

[Authorizer](./authorization.authorizer.md)


</td><td markdown="1">

A function to decide if access to the target should be allowed or denied


</td></tr>
</tbody></table>