## API Report File for "@aws-amplify/graphql-auth-transformer" > Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/). ```ts import { AppSyncAuthConfiguration } from '@aws-amplify/graphql-transformer-interfaces'; import { DirectiveNode } from 'graphql'; import { DirectiveWrapper } from '@aws-amplify/graphql-transformer-core'; import { FieldDefinitionNode } from 'graphql'; import { GetArgumentsOptions } from '@aws-amplify/graphql-transformer-core'; import { InterfaceTypeDefinitionNode } from 'graphql'; import { ObjectTypeDefinitionNode } from 'graphql'; import { TransformerAuthBase } from '@aws-amplify/graphql-transformer-core'; import { TransformerAuthProvider } from '@aws-amplify/graphql-transformer-interfaces'; import { TransformerBeforeStepContextProvider } from '@aws-amplify/graphql-transformer-interfaces'; import { TransformerContextProvider } from '@aws-amplify/graphql-transformer-interfaces'; import { TransformerSchemaVisitStepContextProvider } from '@aws-amplify/graphql-transformer-interfaces'; import { TransformerTransformSchemaStepContextProvider } from '@aws-amplify/graphql-transformer-interfaces'; // @public (undocumented) export class AccessControlMatrix { // Warning: (ae-forgotten-export) The symbol "ACMConfig" needs to be exported by the entry point index.d.ts constructor(config: ACMConfig); // (undocumented) getAcmPerRole(): Map; // (undocumented) getName(): string; // (undocumented) getResources(): Readonly>; // (undocumented) getRoles(): Array; // (undocumented) getRolesPerOperation(operation: ModelOperation, fullAccess?: boolean): Array; // (undocumented) hasResource(resource: string): boolean; // (undocumented) hasRole(role: string): boolean; // (undocumented) isAllowed(role: string, resource: string, operation: ModelOperation): boolean; // (undocumented) resetAccessForResource(resource: string): void; // Warning: (ae-forgotten-export) The symbol "SetRoleInput" needs to be exported by the entry point index.d.ts // // (undocumented) setRole(input: SetRoleInput): void; } // @public (undocumented) export const ALLOWED_FIELDS = "allowedFields"; // @public (undocumented) export const API_KEY_AUTH_TYPE = "API Key Authorization"; // @public (undocumented) export const AUTH_NON_MODEL_TYPES = "authNonModelTypes"; // @public (undocumented) export const AUTH_PROVIDER_DIRECTIVE_MAP: Map; // @public (undocumented) export interface AuthDirective { // (undocumented) rules: AuthRule[]; } // @public (undocumented) export const authDirectiveDefinition = "\n directive @auth(rules: [AuthRule!]!) on OBJECT | FIELD_DEFINITION\n input AuthRule {\n allow: AuthStrategy!\n provider: AuthProvider\n identityClaim: String\n groupClaim: String\n ownerField: String\n groupsField: String\n groups: [String]\n operations: [ModelOperation]\n }\n enum AuthStrategy {\n owner\n groups\n private\n public\n custom\n }\n enum AuthProvider {\n apiKey\n iam\n oidc\n userPools\n function\n }\n enum ModelOperation {\n create\n update\n delete\n read\n list\n get\n sync\n listen\n search\n }\n"; // @public (undocumented) export type AuthProvider = 'apiKey' | 'iam' | 'oidc' | 'userPools' | 'function'; // @public (undocumented) export interface AuthRule { // (undocumented) allow: AuthStrategy; // (undocumented) generateIAMPolicy?: boolean; // (undocumented) groupClaim?: string; // (undocumented) groups?: string[]; // (undocumented) groupsField?: string; // (undocumented) identityClaim?: string; // (undocumented) operations?: ModelOperation[]; // (undocumented) ownerField?: string; // (undocumented) provider?: AuthProvider; } // @public (undocumented) export type AuthStrategy = 'owner' | 'groups' | 'public' | 'private' | 'custom'; // @public (undocumented) export class AuthTransformer extends TransformerAuthBase implements TransformerAuthProvider { constructor(config?: AuthTransformerConfig); // (undocumented) addAutoGeneratedDataStoreFields: (ctx: TransformerContextProvider, allowedFields: Set) => void; // (undocumented) addAutoGeneratedFields: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, allowedFields: string[], fields: readonly string[]) => string[]; // (undocumented) addAutoGeneratedHasManyFields: (ctx: TransformerContextProvider, typeDefinitions: ObjectTypeDefinitionNode[], def: ObjectTypeDefinitionNode, allowedFields: Set) => void; // (undocumented) addAutoGeneratedHasOneFields: (ctx: TransformerContextProvider, typeDefinitions: ObjectTypeDefinitionNode[], fields: readonly string[], def: ObjectTypeDefinitionNode, allowedFields: Set) => void; // (undocumented) addAutoGeneratedIndexFields: (definition: ObjectTypeDefinitionNode, allowedFields: Set) => void; // (undocumented) addAutoGeneratedRelationalFields: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, allowedFields: Set, fields: readonly string[]) => void; // (undocumented) addFieldResolverForDynamicAuth: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string) => void; // (undocumented) addFieldsToObject: (ctx: TransformerTransformSchemaStepContextProvider, modelName: string, ownerFields: Array) => void; // (undocumented) after: (context: TransformerContextProvider) => void; // (undocumented) before: (context: TransformerBeforeStepContextProvider) => void; // (undocumented) field: (parent: ObjectTypeDefinitionNode | InterfaceTypeDefinitionNode, field: FieldDefinitionNode, directive: DirectiveNode, context: TransformerSchemaVisitStepContextProvider) => void; // (undocumented) generateResolvers: (context: TransformerContextProvider) => void; // (undocumented) getRelatedModelObject: (ctx: TransformerContextProvider, typeName: string) => ObjectTypeDefinitionNode; // (undocumented) object: (def: ObjectTypeDefinitionNode, directive: DirectiveNode, context: TransformerSchemaVisitStepContextProvider) => void; // (undocumented) protectCreateResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) protectDeleteResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) protectFieldResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, roles: Array) => void; // (undocumented) protectGetResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) protectListResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix, indexName?: string) => void; // (undocumented) protectRelationalResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, field: FieldDefinitionNode, fieldRoles: Array | null) => void; // (undocumented) protectSchemaOperations: (ctx: TransformerTransformSchemaStepContextProvider, def: ObjectTypeDefinitionNode, acm: AccessControlMatrix) => void; // (undocumented) protectSearchResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) protectSubscriptionResolver: (ctx: TransformerContextProvider, typeName: string, fieldName: string, subscriptionRoles: Array) => void; // (undocumented) protectSyncResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) protectUpdateResolver: (ctx: TransformerContextProvider, def: ObjectTypeDefinitionNode, typeName: string, fieldName: string, acm: AccessControlMatrix) => void; // (undocumented) removeAuthFieldsFromSubscriptionFilter: (context: TransformerTransformSchemaStepContextProvider) => void; // (undocumented) transformSchema: (context: TransformerTransformSchemaStepContextProvider) => void; } // @public (undocumented) export interface AuthTransformerConfig { // (undocumented) adminRoles?: Array; // (undocumented) authConfig?: AppSyncAuthConfiguration; // (undocumented) identityPoolId?: string; } // @public (undocumented) export const COGNITO_AUTH_TYPE = "User Pool Authorization"; // @public (undocumented) export interface ConfiguredAuthProviders { // (undocumented) adminRoles: Array; // (undocumented) default: AuthProvider; // (undocumented) hasAdminRolesEnabled: boolean; // (undocumented) hasApiKey: boolean; // (undocumented) hasIAM: boolean; // (undocumented) hasLambda: boolean; // (undocumented) hasOIDC: boolean; // (undocumented) hasUserPools: boolean; // (undocumented) identityPoolId?: string; // (undocumented) onlyDefaultAuthProviderConfigured: boolean; } // @public (undocumented) export const DEFAULT_COGNITO_IDENTITY_CLAIM = "cognito:username"; // @public (undocumented) export const DEFAULT_GROUP_CLAIM = "cognito:groups"; // @public (undocumented) export const DEFAULT_GROUPS_FIELD = "groups"; // @public (undocumented) export const DEFAULT_IDENTITY_CLAIM = "username"; // @public (undocumented) export const DEFAULT_OWNER_FIELD = "owner"; // @public (undocumented) export const DEFAULT_UNIQUE_IDENTITY_CLAIM = "sub::username"; // @public (undocumented) export const DENIED_FIELDS = "deniedFields"; // @public (undocumented) export const getAuthDirectiveRules: (authDir: DirectiveWrapper, options?: GetAuthRulesOptions) => AuthRule[]; // @public (undocumented) export type GetAuthRulesOptions = GetArgumentsOptions & { isField?: boolean; }; // @public (undocumented) export const IAM_AUTH_TYPE = "IAM Authorization"; // @public (undocumented) export const IDENTITY_CLAIM_DELIMITER = "::"; // @public (undocumented) export const IS_AUTHORIZED_FLAG = "isAuthorized"; // @public (undocumented) export const LAMBDA_AUTH_TYPE = "Lambda Authorization"; // @public (undocumented) export const MODEL_OPERATIONS: ModelOperation[]; // @public (undocumented) export type ModelMutation = 'create' | 'update' | 'delete'; // @public (undocumented) export type ModelOperation = 'create' | 'update' | 'delete' | 'get' | 'list' | 'sync' | 'search' | 'listen'; // @public (undocumented) export const NONE_DS = "NONE_DS"; // @public (undocumented) export const NULL_ALLOWED_FIELDS = "nullAllowedFields"; // @public (undocumented) export const OIDC_AUTH_TYPE = "Open ID Connect Authorization"; // @public (undocumented) export const ON_CREATE_FIELD = "onCreate"; // @public (undocumented) export const ON_DELETE_FIELD = "onDelete"; // @public (undocumented) export const ON_UPDATE_FIELD = "onUpdate"; // @public (undocumented) export const READ_MODEL_OPERATIONS: ModelOperation[]; // @public (undocumented) export const RELATIONAL_DIRECTIVES: string[]; // @public (undocumented) export type RelationalPrimaryMapConfig = Map; // @public (undocumented) export interface RoleDefinition { // (undocumented) allowedFields?: Array; // (undocumented) areAllFieldsAllowed?: boolean; // (undocumented) areAllFieldsNullAllowed?: boolean; // (undocumented) claim?: string; // (undocumented) entity?: string; // (undocumented) isEntityList?: boolean; // (undocumented) nullAllowedFields?: Array; // (undocumented) provider: AuthProvider; // (undocumented) static: boolean; // (undocumented) strategy: AuthStrategy; } // @public (undocumented) export interface RolesByProvider { // (undocumented) apiKeyRoles: Array; // (undocumented) cognitoDynamicRoles: Array; // (undocumented) cognitoStaticRoles: Array; // (undocumented) iamRoles: Array; // (undocumented) lambdaRoles: Array; // (undocumented) oidcDynamicRoles: Array; // (undocumented) oidcStaticRoles: Array; } // @public (undocumented) export const SEARCHABLE_AGGREGATE_TYPES: string[]; // @public (undocumented) export interface SearchableConfig { // (undocumented) queries: { search: string; }; } // (No @packageDocumentation comment for this package) ```