I’m developing a quiz API app which requires authorization for only-subscribed members can see.
How to do that? I’m thinking of putting metadata (is_subscribed) to true for subscribed member and give the scope so he/she can gain permissions.
I only know how to give to scope to the clients (which includes ALL users), which I don’t want it to happen
If I use authorization extension, I don’t know how to check if the user’s given the role to access the API.
But, I don’t know how to do it. Please help.