---
lang: en
title: 'API docs: authorization'
keywords: LoopBack 4.0, LoopBack 4
sidebar: lb4_sidebar
permalink: /doc/en/lb4/apidocs.authorization.html
---

<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [@loopback/authorization](./authorization.md)

## authorization package

[@loopback/authorization](https://github.com/strongloop/loopback-next/tree/master/packages/authorization)

## Classes

|  Class | Description |
|  --- | --- |
|  [AuthorizationComponent](./authorization.authorizationcomponent.md) |  |
|  [AuthorizationError](./authorization.authorizationerror.md) | The custom error class that describes the error thrown by the authorization module. Should be extracted to the common layer shared by authentication and authorization. |
|  [AuthorizationInterceptor](./authorization.authorizationinterceptor.md) |  |
|  [AuthorizeMethodDecoratorFactory](./authorization.authorizemethoddecoratorfactory.md) |  |

## Enumerations

|  Enumeration | Description |
|  --- | --- |
|  [AuthorizationDecision](./authorization.authorizationdecision.md) | Decisions for authorization |

## Functions

|  Function | Description |
|  --- | --- |
|  [authorize(spec)](./authorization.authorize.md) | Decorator <code>@authorize</code> to mark methods that require authorization |
|  [getAuthorizationMetadata(target, methodName)](./authorization.getauthorizationmetadata.md) | Fetch authorization metadata stored by <code>@authorize</code> decorator. |

## Interfaces

|  Interface | Description |
|  --- | --- |
|  [AuthorizationContext](./authorization.authorizationcontext.md) | Request context for authorization |
|  [AuthorizationMetadata](./authorization.authorizationmetadata.md) | Authorization metadata supplied via <code>@authorize</code> decorator |
|  [AuthorizationOptions](./authorization.authorizationoptions.md) |  |
|  [AuthorizationRequest](./authorization.authorizationrequest.md) | Inspired by https://github.com/casbin/node-casbin |
|  [Enforcer](./authorization.enforcer.md) | An enforcer of authorization policies |
|  [Permission](./authorization.permission.md) | <code>Permission</code> defines an action/access against a protected resource. It's the <code>what</code> for authorization.<!-- -->There are three levels of permissions<!-- -->- Resource level (Order, User) - Instance level (Order-0001, User-1001) - Property level (User-0001.email) |
|  [Principal](./authorization.principal.md) | Represent a user, an application, or a device |
|  [Role](./authorization.role.md) | Represent a group of principals that have the same authority. There are two types of roles:<!-- -->- explicit - implicit |
|  [Subject](./authorization.subject.md) | <code>Subject</code> represents both security state and operations for a single application user.<!-- -->Such operations include: - authentication (login) - authorization (access control) - session access - logout |

## Namespaces

|  Namespace | Description |
|  --- | --- |
|  [AuthorizationBindings](./authorization.authorizationbindings.md) | Binding keys used by authorization component. |
|  [AuthorizationTags](./authorization.authorizationtags.md) | Binding tags used by authorization component |
|  [authorize](./authorization.authorize.md) |  |

## Variables

|  Variable | Description |
|  --- | --- |
|  [ANONYMOUS](./authorization.anonymous.md) |  |
|  [AUTHENTICATED](./authorization.authenticated.md) |  |
|  [AUTHORIZATION\_CLASS\_KEY](./authorization.authorization_class_key.md) |  |
|  [AUTHORIZATION\_METHOD\_KEY](./authorization.authorization_method_key.md) |  |
|  [EVERYONE](./authorization.everyone.md) | Built-in roles |
|  [UNAUTHENTICATED](./authorization.unauthenticated.md) |  |

## Type Aliases

|  Type Alias | Description |
|  --- | --- |
|  [Authorizer](./authorization.authorizer.md) | A function to decide if access to the target should be allowed or denied |