We'll look at an example of how to implement authentication and authorization in a GraphQL server. We'll use the HTTP Authorization request header to log in users, and we'll use field-level authorization to control user permissions to parts of the schema.
What is authentication and authorization
Send user authentication credentials using HTTP headers
context option in Apollo Server 3 to pass credentials to resolvers
Use field-level authorization in a GraphQL API
Michelle Mabuyo and Megan Sullivan