Watch keynotes and sessions from MongoDB.live, our virtual developer conference.

Using document permissions and roles for Stitch with GraphQL

I have this definition for the owner role of a document:

{
 "userId": "%%user.id"
}

This role has read and write permissions. The userId field is an ObjectId type. I know the request is authenticated and the user is the same user whose objectId is the userId. The response is an error that I am trying to update a document that I am not the owner of. I am also using graphQL for Stitch. Does the GraphQL Authentication flow allow for using complex document roles and permissions?

Anyone know if I am doing something wrong?

Hi Lukas – The userId field will actually need to be of type String vs. ObjectId. Hope that helps!