Hi @dabit3, thank you for providing this auth + unauth example. Can you expand on this concluding comment?
If you'd like to access the unique identity of the logged in user for user authorization & fine grained access control, you can access the $context.identity.cognitoIdentityId in the resolver.
For example, how do we use $context.identity.cognitoIdentityId to limit a certain mutation to the "owner" of a resource, i.e. the author of a blogpost, as opposed to any signed-in user of the blog site?