To follow up on this, I created a role “LoginUser” with permission to call login function and it worked. But when I used the secret returned as a bearer token in GraphQL playground and entered a query to get a list of objects from my collection, it gave insufficient privileges error.
So the question is, once Login is successful, what determines the role that takes effect after the login secret is used as an authorization header (Bearer) in GraphQL. I’m not able to make that connection from the authorization to the role that it is related to.
For example, I have a role “LoggedinUser” that has access to the collection that I want to list. How do make that role come into action after using the secret from Login output?