How are custom data entitlements achieved with the Okta authorization solution?
Imagine the following scenario:
Service A is responsible for providing bank account balances. When a user requests to see their bank account balances, the service should respond with the bank accounts they are entitled to. If they request a set of accounts, only the ones permitted should be returned. How can I achieve this using Okta?
Can I attach custom information to the user’s information such that their entitlements are part of the authentication and authorization workflow?
Thanks in advance,