How It Works?

Introduction

Authentication confirms a user's identity, while authorization defines their level of access.

QueryDeck supports flexible authentication and role-based access control (RBAC) for effective authorization.

Authentication itself happens outside of QueryDeck. After a user is authenticated via your chosen auth service, you can send a JWT to QueryDeck’s API engine, which includes session variables like user role and ID.

For authorization, QueryDeck allows you to create detailed, role- and session variable-based permission rules that control data access. These permissions leverage session variables from your auth service and offer precise control down to individual rows or columns in your database.