Thanks for the response. Just as a follow up…
Am I correct in the assumption that if the roles are not included in the access token, the backend API will need to use a management API token to call the management api to get the user’s roles?
Thanks for the response. Just as a follow up…
Am I correct in the assumption that if the roles are not included in the access token, the backend API will need to use a management API token to call the management api to get the user’s roles?