resolver

Either null, or a function that receives:

  • the arguments of the operation

  • the account ID

  • a list of auth descriptor IDs and returns the ID of the auth descriptor that should be used to authorize the operation, or null if none is acceptable.

If this function is defined, it will be called by the client to pick the best auth descriptor to use between the ones that are available.

If flags is not an empty list, it will be used to preselect which auth descriptors to pass to the resolver - otherwise, all auth descriptors can be passed, and the resolver could manually check flags if needed.

This behavior allows the resolver to define cases in which one of the auth descriptors could call a certain operation with some flags, while a different auth descriptor needs a different flag to call the same operation.