To reiterate my question:
- Can I forge authorization request for any user (not just the authenticated one) ?
Based on documentation, the policies are evaluated by Policy Enforcer, and permissions are bound to bearer token.
To reiterate my question:
Based on documentation, the policies are evaluated by Policy Enforcer, and permissions are bound to bearer token.