9 docs tagged with "policies"

Policies can be attached to GraphQL resolvers to implement complex authorization rules, such as limiting results for unauthenticated users or restricting access based on group membership.

Extend or override routes, controllers, and policies for the Users & Permissions plugin to add custom access control logic.

With Strapi's error handling feature it's easy to send and receive errors in your application.

Use a GraphQL endpoint in your Strapi project to fetch and mutate your content.

Existing plugins can be overriden by placing code in /src/extensions or using global register/bootstrap hooks. Instructions in this documentation cover reshaping plugin content-type schemas or server logic — altough upstream updates may break extensions.

Strapi policies are functions that execute specific logic on each request before it reaches the controller. Policies can be customized according to your needs.

Strapi routes handle requests to your content and are auto-generated for your content-types. Routes can be customized according to your needs.

Overview of the Strapi Server API for plugins, with entry file, lifecycle hooks, routes, controllers, services, policies, middlewares, and configuration.

Guard plugin routes with policies and intercept requests with middlewares in the Strapi plugin Server API.