Skip to content

Commit 6980051

Browse files
committed
update
1 parent 557614b commit 6980051

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -320,8 +320,8 @@ Both roles and policies are supported for output graph types, fields on output g
320320
and query arguments. If multiple policies are specified, all must match; if multiple roles
321321
are specified, any one role must match. You may also use `.Authorize()` or the
322322
`[Authorize]` attribute to validate that the user has authenticated. You may also use
323-
`.AllowAnonymous()` and `[AllowAnonymous]` to allow fields to be returned to
324-
unauthenticated users within an graph that has an authorization requirement defined.
323+
`.AllowAnonymous()` and/or `[AllowAnonymous]` to allow fields to bypass authorization
324+
requirements defined on the type that contains the field.
325325

326326
Please note that authorization rules do not apply to values returned within introspection requests,
327327
potentially leaking information about protected areas of the schema to unauthenticated users.

0 commit comments

Comments
 (0)