Authorization in Platformatic DB is role-based. User authentication and the assignment of roles must be handled by an external authentication service.
Authorization strategies and rules are configured via a Platformatic DB configuration file. See the Platformatic DB Configuration documentation for the supported settings.
Bypass authorization in development
To make testing and developing easier, it's possible to bypass authorization checks
adminSecret is set. See the HTTP headers (development only) documentation.