Using OAuth 2.0 and OpenID Connect claims, Axioms can embed various permissions or roles in issued authorization tokens.
Create permissions for each resource describing allowed access and description to display on the consent screen. Permissions can be created around CRUD operations on data models or API verbs.
Map permissions to roles so that users are assigned a selected few roles and not a large number of low-level permissions. Roles are hierarchical so a role can inherit permissions from other roles.
If the tenant is organization enabled, this feature provides additional container and layer to group users and roles which is highly desirable if your SaaS product or digital platform is business-to-business (B2B).
RBAC in Action.
Using RBAC, group your resource permissions into roles.
Assign those roles to users. Users and roles can be mapped to an organization.