Description
Is your feature request related to a problem? Please describe.
GraphQL Mesh and Hive Gateway currently support JWT-based authentication. However, a lot of web applications need to use cookie-based authentication, and the support for this is missing.
Describe the solution you'd like
- GraphQL Mesh and Hive Gateway need support for cookie-based authentication and RBAC
- For example, the webapp would use a hook for login/logout which would redirect to Keycloak serving as the identity provider
- After successful login, Keycloak would redirect to a Hive Gateway callback URL which would then set the cookie for the user
- We would also need support for hooks that allow us to perform pre-auth and post-auth operations, such as storing additional tokens, roles etc. in the cookie before setting the cookie for the user
- Within the webapp, the SDK would also need hooks to get the user's logged-in status and attributes from the cookie
- The query RBAC and authorization would also need to be read from the cookie and applied during query/mutation execution
Describe alternatives you've considered
I am currently using the WunderGraph Backend For Frontend SDK, which supports all of the above features and has been very helpful. The SDK, however, has been deprecated as of 2025 and I am migrating to the Guild stack. First-class cookie-based authentication support would help not just me but all developers leveraging the stack.
Additional context
Here are the WunderGraph feature docs; I am happy to provide real-world examples from my repo as well:
Configuring Keycloak for cookie-based auth: https://github.com/LeftoversTodayAppAdmin/leftoverstoday-bff-sdk/blob/main/docs-website/src/pages/docs/auth/cookie-based-auth/keycloak/index.md
postAuthentication hook: https://github.com/LeftoversTodayAppAdmin/leftoverstoday-bff-sdk/blob/main/docs-website/src/pages/docs/wundergraph-server-ts-reference/post-authentication-hook.md
mutatingPostAuthentication hook: https://github.com/LeftoversTodayAppAdmin/leftoverstoday-bff-sdk/blob/main/docs-website/src/pages/docs/wundergraph-server-ts-reference/mutating-post-authentication-hook.md
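
The cookie handling this request describes (set the cookie at the callback, read the user and roles back from it, apply RBAC before execution), as an added example that is not part of the original issue and uses no GraphQL Mesh, Hive Gateway or WunderGraph API. The cookie name, the claim names (`sub`, `roles`, `exp`) and all function names are assumptions; the value is HMAC-signed because roles read back from a cookie must not be editable by the browser.

```javascript
// Added illustration in plain Node.js; every name here is hypothetical.
const { createHmac, timingSafeEqual } = require('node:crypto');

const COOKIE_NAME = 'session'; // assumed cookie name

// Serialize the claims and append an HMAC-SHA256 tag over the payload.
function sealSession(claims, secret) {
  const payload = Buffer.from(JSON.stringify(claims)).toString('base64url');
  const tag = createHmac('sha256', secret).update(payload).digest('base64url');
  return `${payload}.${tag}`;
}

// Set-Cookie header the callback URL would send after a successful login.
// HttpOnly keeps the value away from page scripts; Secure restricts it to HTTPS.
function buildSetCookie(value, maxAgeSeconds) {
  return `${COOKIE_NAME}=${value}; Max-Age=${maxAgeSeconds}; Path=/; ` +
    'HttpOnly; Secure; SameSite=Lax';
}

// Return the claims if the tag verifies and the session is not expired, else null.
function openSession(cookieHeader, secret, nowSeconds) {
  const pair = (cookieHeader || '')
    .split(';')
    .map((part) => part.trim())
    .find((part) => part.startsWith(`${COOKIE_NAME}=`));
  if (!pair) return null;
  const [payload, tag] = pair.slice(COOKIE_NAME.length + 1).split('.');
  if (!payload || !tag) return null;
  const expected = createHmac('sha256', secret).update(payload).digest();
  const given = Buffer.from(tag, 'base64url');
  // Length check first: timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  let claims;
  try {
    claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= nowSeconds) return null;
  return claims;
}

// RBAC check to apply before a query or mutation is executed.
function hasRole(claims, requiredRole) {
  return Boolean(claims) && Array.isArray(claims.roles) && claims.roles.includes(requiredRole);
}
```

The signing secret stays on the gateway side only; anything a pre-auth or post-auth hook adds to the claims is covered by the same tag.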