Maybe this is actually not too bad, it means the app will have server side authorisation and yep then we can use the role annotation. I think still we should add some extra information to the token like role and display name. Will save some requests asking for basic information
Maybe this is actually not too bad, it means the app will have server side authorisation and yep then we can use the role annotation. I think still we should add some extra information to the token like role and display name. Will save some requests asking for basic information