# `Ash.Authorizer`
[🔗](https://github.com/ash-project/ash/blob/v3.23.1/lib/ash/authorizer.ex#L5)

The interface for an ash authorizer

These will typically be implemented by an extension, but a custom
one can be implemented by defining an extension that also adopts this behaviour.

Then you can extend a resource with `authorizers: [YourAuthorizer]`

# `context`

```elixir
@type context() :: map()
```

# `state`

```elixir
@type state() :: map()
```

# `add_calculations`
*optional* 

```elixir
@callback add_calculations(Ash.Query.t() | Ash.Changeset.t(), state(), context()) ::
  {:ok, Ash.Query.t() | Ash.Changeset.t(), state()} | {:error, Ash.Error.t()}
```

# `alter_filter`
*optional* 

```elixir
@callback alter_filter(filter :: Ash.Filter.t(), state(), context()) ::
  {:ok, Ash.Filter.t()} | {:error, Ash.Error.t()}
```

# `alter_results`
*optional* 

```elixir
@callback alter_results(state(), [Ash.Resource.record()], context()) ::
  {:ok, [Ash.Resource.record()]} | {:error, Ash.Error.t()}
```

# `check`

```elixir
@callback check(state(), context()) ::
  :authorized
  | {:data, [Ash.Resource.record()]}
  | {:error, :forbidden, state()}
  | {:error, Ash.Error.t()}
```

# `check_context`

```elixir
@callback check_context(state()) :: [atom()]
```

# `exception`
*optional* 

```elixir
@callback exception(atom(), state()) :: no_return()
```

# `initial_state`

```elixir
@callback initial_state(
  Ash.Resource.t(),
  Ash.Resource.record(),
  Ash.Resource.Actions.action(),
  Ash.Domain.t()
) :: state()
```

# `strict_check`

```elixir
@callback strict_check(state(), context()) ::
  {:authorized, state()}
  | {:continue, state()}
  | {:filter, Keyword.t()}
  | {:filter, Keyword.t(), state()}
  | {:filter_and_continue, Keyword.t(), state()}
  | {:error, term()}
```

# `strict_check_context`

```elixir
@callback strict_check_context(state()) :: [atom()]
```

---

*Consult [api-reference.md](api-reference.md) for complete listing*