---
lang: en
title: 'API docs: authorization'
keywords: LoopBack 4.0, LoopBack 4
sidebar: lb4_sidebar
editurl: https://github.com/strongloop/loopback-next/tree/master/packages/authorization
permalink: /doc/en/lb4/apidocs.authorization.html
---

<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [@loopback/authorization](./authorization.md)

## authorization package

[@loopback/authorization](https://github.com/strongloop/loopback-next/tree/master/packages/authorization)

## Classes

|  Class | Description |
|  --- | --- |
|  [AuthorizationComponent](./authorization.authorizationcomponent.md) |  |
|  [AuthorizationError](./authorization.authorizationerror.md) | The custom error class that describes the error thrown by the authorization module. Should be extracted to the common layer shared by authentication and authorization. |
|  [AuthorizationInterceptor](./authorization.authorizationinterceptor.md) |  |
|  [AuthorizeMethodDecoratorFactory](./authorization.authorizemethoddecoratorfactory.md) |  |

## Enumerations

|  Enumeration | Description |
|  --- | --- |
|  [AuthorizationDecision](./authorization.authorizationdecision.md) | Decisions for authorization |

## Functions

|  Function | Description |
|  --- | --- |
|  [authorize(spec)](./authorization.authorize.md) | Decorator <code>@authorize</code> to mark methods that require authorization |
|  [getAuthorizationMetadata(target, methodName)](./authorization.getauthorizationmetadata.md) | Fetch authorization metadata stored by <code>@authorize</code> decorator. |

## Interfaces

|  Interface | Description |
|  --- | --- |
|  [AuthorizationContext](./authorization.authorizationcontext.md) | Request context for authorization |
|  [AuthorizationMetadata](./authorization.authorizationmetadata.md) | Authorization metadata supplied via <code>@authorize</code> decorator |
|  [AuthorizationOptions](./authorization.authorizationoptions.md) |  |
|  [AuthorizationRequest](./authorization.authorizationrequest.md) | Inspired by https://github.com/casbin/node-casbin |
|  [Enforcer](./authorization.enforcer.md) | An enforcer of authorization policies |

## Namespaces

|  Namespace | Description |
|  --- | --- |
|  [AuthorizationBindings](./authorization.authorizationbindings.md) | Binding keys used by authorization component. |
|  [AuthorizationTags](./authorization.authorizationtags.md) | Binding tags used by authorization component |
|  [authorize](./authorization.authorize.md) |  |

## Variables

|  Variable | Description |
|  --- | --- |
|  [ANONYMOUS](./authorization.anonymous.md) |  |
|  [AUTHENTICATED](./authorization.authenticated.md) |  |
|  [AUTHORIZATION\_CLASS\_KEY](./authorization.authorization_class_key.md) |  |
|  [AUTHORIZATION\_METHOD\_KEY](./authorization.authorization_method_key.md) |  |
|  [EVERYONE](./authorization.everyone.md) | Built-in roles |
|  [UNAUTHENTICATED](./authorization.unauthenticated.md) |  |

## Type Aliases

|  Type Alias | Description |
|  --- | --- |
|  [Authorizer](./authorization.authorizer.md) | A function to decide if access to the target should be allowed or denied |