Login
Download
Skills Development API Security and Authentication Catalog

API Security and Authentication Catalog

v20260424
webiny-api-security-catalog
This comprehensive catalog provides essential abstractions for securing web APIs. It covers the entire lifecycle of authentication, including handling roles, users, and teams. Features include robust mechanisms for managing API keys (before/after events) and dedicated use cases for user and role creation/deletion, ensuring highly scalable and secure backend development.
API Security Authentication Authorization API Keys Roles Users Backend
Get Skill
106 downloads
Overview

API — Security & Auth

Authentication, API keys, roles, users, teams event handlers and use cases.

How to Use

  1. Find the abstraction you need below
  2. You MUST read the source file to get the exact interface and types!
  3. Import: import { Name } from "<importPath>";
  4. See webiny-use-case-pattern or webiny-event-handler-pattern skills for implementation patterns

Abstractions

Name: AfterAuthenticationEventHandler Import: import { AfterAuthenticationEventHandler } from "webiny/api/security/authentication" Source: @webiny/api-core/features/security/authentication/AuthenticationContext/index.ts Description: Hook into authentication lifecycle after authentication occurs.

Name: ApiKeyAfterCreateEventHandler Import: import { ApiKeyAfterCreateEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/CreateApiKey/index.ts Description: Hook into API key lifecycle after an API key is created.

Name: ApiKeyAfterDeleteEventHandler Import: import { ApiKeyAfterDeleteEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/DeleteApiKey/index.ts Description: Hook into API key lifecycle after an API key is deleted.

Name: ApiKeyAfterUpdateEventHandler Import: import { ApiKeyAfterUpdateEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/UpdateApiKey/index.ts Description: Hook into API key lifecycle after an API key is updated.

Name: ApiKeyBeforeCreateEventHandler Import: import { ApiKeyBeforeCreateEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/CreateApiKey/index.ts Description: Hook into API key lifecycle before an API key is created.

Name: ApiKeyBeforeDeleteEventHandler Import: import { ApiKeyBeforeDeleteEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/DeleteApiKey/index.ts Description: Hook into API key lifecycle before an API key is deleted.

Name: ApiKeyBeforeUpdateEventHandler Import: import { ApiKeyBeforeUpdateEventHandler } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/UpdateApiKey/index.ts Description: Hook into API key lifecycle before an API key is updated.

Name: ApiKeyFactory Import: import { ApiKeyFactory } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/shared/abstractions.ts Description: Provide code-defined API keys.

Name: ApiKeyFactory Import: import { ApiKeyFactory } from "webiny/api/security" Source: @webiny/api-core/features/security/apiKeys/shared/abstractions.ts Description: Provide code-defined API keys.

Name: ApiToken Import: import { ApiToken } from "webiny/api/security" Source: @webiny/api-core/domain/security/ApiToken.ts Description: Represents an API token identity.

Name: Authenticator Import: import { Authenticator } from "webiny/api/security" Source: @webiny/api-core/features/security/authentication/Authenticator/abstractions.ts Description: Convert an authentication token into identity data.

Name: Authorizer Import: import { Authorizer } from "webiny/api/security" Source: @webiny/api-core/features/security/authorization/Authorizer/index.ts Description: Retrieve permissions for an identity.

Name: BeforeAuthenticationEventHandler Import: import { BeforeAuthenticationEventHandler } from "webiny/api/security/authentication" Source: @webiny/api-core/features/security/authentication/AuthenticationContext/index.ts Description: Hook into authentication lifecycle before authentication occurs.

Name: CreateApiKeyUseCase Import: import { CreateApiKeyUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/CreateApiKey/index.ts Description: Create a new API key.

Name: createPermissionsAbstraction Import: import { createPermissionsAbstraction } from "webiny/api/security" Source: @webiny/api-core/features/security/permissions/index.ts

Name: createPermissionSchema Import: import { createPermissionSchema } from "webiny/api/security" Source: @webiny/api-core/features/security/permissions/index.ts

Name: createPermissionsFeature Import: import { createPermissionsFeature } from "webiny/api/security" Source: @webiny/api-core/features/security/permissions/index.ts

Name: CreateRoleUseCase Import: import { CreateRoleUseCase } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/CreateRole/index.ts Description: Create a new security role.

Name: CreateUserUseCase Import: import { CreateUserUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/CreateUser/index.ts Description: Create a new admin user.

Name: DeleteApiKeyUseCase Import: import { DeleteApiKeyUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/DeleteApiKey/index.ts Description: Delete an API key.

Name: DeleteRoleUseCase Import: import { DeleteRoleUseCase } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/DeleteRole/index.ts Description: Delete a security role.

Name: DeleteUserUseCase Import: import { DeleteUserUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/DeleteUser/index.ts Description: Delete an admin user.

Name: GetApiKeyByTokenUseCase Import: import { GetApiKeyByTokenUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/GetApiKeyByToken/index.ts Description: Retrieve an API key by its token value.

Name: GetApiKeyUseCase Import: import { GetApiKeyUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/GetApiKey/index.ts Description: Retrieve an API key by ID.

Name: GetRoleUseCase Import: import { GetRoleUseCase } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/GetRole/index.ts Description: Retrieve a security role.

Name: GetUserUseCase Import: import { GetUserUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/GetUser/index.ts Description: Retrieve an admin user.

Name: Identity Import: import { Identity } from "webiny/api/security" Source: @webiny/api-core/features/security/IdentityContext/index.ts Description: Abstract base class for all identity types. Provides a common interface for identity checks across the codebase.

Name: IdentityContext Import: import { IdentityContext } from "webiny/api/security" Source: @webiny/api-core/features/security/IdentityContext/index.ts Description: Provides access to the current identity and its permissions.

Name: IdentityProvider Import: import { IdentityProvider } from "webiny/api/security" Source: @webiny/api-core/idp/index.ts Description: Generic identity provider for token-based authentication.

Name: JwtIdentityProvider Import: import { JwtIdentityProvider } from "webiny/api/security" Source: @webiny/api-core/idp/index.ts Description: JWT-specific identity provider for token validation.

Name: ListApiKeysUseCase Import: import { ListApiKeysUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/ListApiKeys/index.ts Description: List all API keys.

Name: ListRolesUseCase Import: import { ListRolesUseCase } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/ListRoles/index.ts Description: List all security roles.

Name: ListUsersUseCase Import: import { ListUsersUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/ListUsers/index.ts Description: List all admin users.

Name: ListUserTeamsUseCase Import: import { ListUserTeamsUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/ListUserTeams/index.ts Description: List teams assigned to a user.

Name: OidcIdentityProvider Import: import { OidcIdentityProvider } from "webiny/api/security" Source: @webiny/api-core/idp/index.ts Description: OIDC-compliant identity provider with issuer validation.

Name: Permissions Kind: type Import: import type { Permissions } from "webiny/api/security" Source: @webiny/api-core/features/security/permissions/index.ts Description: Typed permissions interface for a given schema.

When the schema has literal entity types, methods are narrowed to only accept valid entity IDs. When the schema is dynamically typed, all methods accept string.

Name: RoleAfterCreateEventHandler Import: import { RoleAfterCreateEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/CreateRole/index.ts Description: Hook into role lifecycle after a role is created.

Name: RoleAfterDeleteEventHandler Import: import { RoleAfterDeleteEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/DeleteRole/index.ts Description: Hook into role lifecycle after a role is deleted.

Name: RoleAfterUpdateEventHandler Import: import { RoleAfterUpdateEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/UpdateRole/index.ts Description: Hook into role lifecycle after a role is updated.

Name: RoleBeforeCreateEventHandler Import: import { RoleBeforeCreateEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/CreateRole/index.ts Description: Hook into role lifecycle before a role is created.

Name: RoleBeforeDeleteEventHandler Import: import { RoleBeforeDeleteEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/DeleteRole/index.ts Description: Hook into role lifecycle before a role is deleted.

Name: RoleBeforeUpdateEventHandler Import: import { RoleBeforeUpdateEventHandler } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/UpdateRole/index.ts Description: Hook into role lifecycle before a role is updated.

Name: RoleFactory Import: import { RoleFactory } from "webiny/api/security" Source: @webiny/api-core/features/security/roles/shared/abstractions.ts Description: Provide code-defined security roles with permissions.

Name: TeamFactory Import: import { TeamFactory } from "webiny/api/security" Source: @webiny/api-core/features/security/teams/shared/abstractions.ts Description: Provide code-defined teams.

Name: UpdateApiKeyUseCase Import: import { UpdateApiKeyUseCase } from "webiny/api/security/api-key" Source: @webiny/api-core/features/security/apiKeys/UpdateApiKey/index.ts Description: Update an existing API key.

Name: UpdateRoleUseCase Import: import { UpdateRoleUseCase } from "webiny/api/security/role" Source: @webiny/api-core/features/security/roles/UpdateRole/index.ts Description: Update an existing security role.

Name: UpdateUserUseCase Import: import { UpdateUserUseCase } from "webiny/api/security/user" Source: @webiny/api-core/features/users/UpdateUser/index.ts Description: Update an existing admin user.

Name: UserAfterCreateEventHandler Import: import { UserAfterCreateEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/CreateUser/index.ts Description: Hook into user lifecycle after a user is created.

Name: UserAfterDeleteEventHandler Import: import { UserAfterDeleteEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/DeleteUser/index.ts Description: Hook into user lifecycle after a user is deleted.

Name: UserAfterUpdateEventHandler Import: import { UserAfterUpdateEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/UpdateUser/index.ts Description: Hook into user lifecycle after a user is updated.

Name: UserBeforeCreateEventHandler Import: import { UserBeforeCreateEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/CreateUser/index.ts Description: Hook into user lifecycle before a user is created.

Name: UserBeforeDeleteEventHandler Import: import { UserBeforeDeleteEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/DeleteUser/index.ts Description: Hook into user lifecycle before a user is deleted.

Name: UserBeforeUpdateEventHandler Import: import { UserBeforeUpdateEventHandler } from "webiny/api/security/user" Source: @webiny/api-core/features/users/UpdateUser/index.ts Description: Hook into user lifecycle before a user is updated.

Info
Category Development
Name webiny-api-security-catalog
Version v20260424
Size 13.64KB
Source webiny/webiny-js
Updated At 2026-04-28
Language
简体中文
English