I am writing a SPA (VueJS based) in which I have a button “EDIT” on a page. I would like to enable this button only for users which have a certain permission assigned, e.g. “update:blogs”.
I could decode the jwt and see if there is “update:blogs” in the permissions array of the tokens payload… is there a recommended “best practice” how to do this? something “out of the box” would be nice