A comprehensive monorepo of NestJS libraries for building standardized APIs with JSON:API and JSON-RPC 2.0 specifications, with fine-grained access control and resource permissions.
This monorepo provides a complete set of tools to simplify the development of server and client applications using NestJS. It includes support for two popular API protocols and a powerful access control system:
API Protocols:
- JSON:API β Build RESTful APIs with standardized request/response formats
- JSON-RPC 2.0 β Implement remote procedure calls using JSON
Access Control:
- CASL β Fine-grained access control with full integration for JSON:API resources
All packages are designed to work seamlessly with modern ORMs like TypeORM and MikroORM, and include built-in support for PGlite for local development.
- Node.js >= 20.0.0
- npm or yarn
Build production-ready JSON:API compliant REST APIs with automatic CRUD generation, filtering, sorting, pagination, and relationship handling.
| Package | Description |
|---|---|
| json-api-nestjs | Core library for creating JSON:API compliant servers. Automatically generates endpoints for CRUD operations, relationships, filtering, sorting, pagination, and atomic operations. Supports TypeORM and MikroORM adapters. |
| json-api-nestjs-typeorm | TypeORM adapter for json-api-nestjs. Enables JSON:API functionality with TypeORM entities, migrations, and repositories. |
| json-api-nestjs-microorm | MikroORM adapter for json-api-nestjs. Provides JSON:API support with MikroORM entities, migrations, and advanced query features. |
| json-api-nestjs-sdk | Type-safe client SDK for consuming JSON:API endpoints. Works with Axios, Fetch API, and Angular HttpClient. Supports filtering, sorting, includes, atomic operations, and provides full TypeScript type inference. |
Implement JSON-RPC 2.0 servers and clients with support for HTTP and WebSocket transports, batch requests, and automatic method discovery.
| Package | Description |
|---|---|
| nestjs-json-rpc | JSON-RPC 2.0 server implementation for NestJS. Supports HTTP and WebSocket transports, batch requests, custom error handling, and automatic method registration via decorators. |
| nestjs-json-rpc-sdk | Type-safe JSON-RPC client SDK with automatic method inference, batch request support, and WebSocket/HTTP transport options. |
Add fine-grained Access Control Lists to your JSON:API endpoints using CASL with template-based rule materialization.
| Package | Description |
|---|---|
| nestjs-acl-permissions |
Type-safe ACL module with CASL integration for JSON:API endpoints. Features template interpolation, field-level permissions, context-based rules, lazy evaluation, and transparent ORM-level filtering. Can be used standalone or with automatic integration via json-api-nestjs.
|
This monorepo uses Nx and supports TypeORM and MikroORM with PGlite for local development.
# Install dependencies
npm install# Initialize database and run migrations
npm run typeorm:up:remove # Removes existing DB and runs migrations
# Or just run migrations (if DB exists)
npm run typeorm:up
# Seed the database
npm run typeorm:seeder# Initialize database and run migrations
npm run microorm:up:remove # Removes existing DB and runs migrations
# Or just run migrations (if DB exists)
npm run microorm:up
# Seed the database
npm run microorm:seeder# Using npm script
npm run demo:json-api
# Or using nx directly
nx run json-api-server:serve-typeormServer will start on http://localhost:3000 (or configured port)
Available endpoints:
GET /api/users- List all usersGET /api/users/:id- Get single userPOST /api/users- Create userPATCH /api/users/:id- Update userDELETE /api/users/:id- Delete userGET /api/users/:id/relationships/:rel- Get relationships- And more...
# Using nx
nx run json-api-server:serve-microorm- Automatic CRUD Generation β Generate complete REST APIs from ORM entities
- JSON:API Compliant β Full specification support including relationships, filtering, sorting, pagination, sparse fieldsets
- Atomic Operations β Perform multiple operations in a single request
- Type Safety β Full TypeScript support with type inference
- Multiple ORMs β Support for TypeORM and MikroORM
- JSON-RPC 2.0 β Implement RPC servers with HTTP/WebSocket transports
- Access Control β Fine-grained permissions with CASL integration
- Swagger/OpenAPI β Automatic API documentation generation
- Extensible β Override default controllers and services
Each package has detailed documentation in its own README:
- json-api-nestjs
- json-api-nestjs-typeorm
- json-api-nestjs-microorm
- json-api-nestjs-sdk
- nestjs-json-rpc
- nestjs-json-rpc-sdk
- nestjs-acl-permissions
For detailed usage examples and real-world scenarios, refer to the comprehensive E2E test suites. These tests serve as living documentation and demonstrate best practices:
Learn how to use the JSON:API client SDK with various operations:
- GET Operations β Fetching resources, filtering, pagination, sparse fieldsets, and relationships
- POST Operations β Creating resources with relationships
- PATCH Operations β Updating resources and relationships
- Atomic Operations β Batch requests with multiple operations
- Advanced Configuration β Custom routes, UUID IDs, validation pipes
- Common Decorators β Guards, interceptors, and exception filters
Explore JSON-RPC 2.0 client usage patterns:
- HTTP Transport β Single and batch RPC calls over HTTP, error handling
- WebSocket Transport β Real-time RPC over WebSocket connections
Understand fine-grained permission enforcement with CASL integration:
- GET All Resources β Field-level and row-level filtering
- GET One Resource β Resource-level access control
- GET Relationships β Relationship endpoint permissions
- PATCH Operations β Update permissions with field and value restrictions
- POST Operations β Create permissions with conditional validation
- DELETE Operations β Conditional delete based on resource state
- Atomic Operations ACL β ACL enforcement across batch requests
Each test file includes detailed JSDoc comments explaining the scenarios, ACL rules, and expected behavior.
Contributions are welcome! Please feel free to submit a Pull Request.
This project is MIT licensed.
Made with β€οΈ by Aleksandr Kharkovey