Hi @andrea.chiarelli
Thanks for the article, it was very entertaining to read. On the other hand, I have a certain doubt that I hope you can help me clarify.
Let me put you in context, I have created my own authorization server and resource server (both in Spring Boot) and my client is being developed in Angular. Users have their roles (SUPER_ADMIN, ADMIN, USER, etc.) my question is how do I determine in my Angular application the html views to show according to the user role, because in your article you mention that “the access token should not be inspected by the client application. It is destined to the resource server” and precisely my access token contains the roles in a custom way or should I place those roles in the identification token, but according to your article “the identification token will not have scopes granted, those scopes are associated with the access token”, so how could I work in that case, that is my doubt, I hope I have been able to explain. I would be very grateful if you could clarify the doubt. Thank you very much. 