@sgo Thanks again for the reply. One final question…
Roles have permissions associated with them. So once the backend were to get the roles, would it then have to make yet another call to get the permissions?
Or is it typical skip getting the roles and go straight to getting the permissions (are Role permissions included in this call)?
Or is it typical to cache the roles & permissions on the backend API server to keep from having to make those requests with every API call.