Too Long; Didn't Read
RBAC stands for Role-Based Access Control. It is an approach to restricting system access to authorized users by using a set of permissions and grants. This approach is intended to make the governance of controls between users, vendors and customers efficient. The model is hierarchical and relational, with the Role group forming the top level. The API gateway validates the user tokens and invokes the underlying micro-service APIs. It then derives the associated permissions from the data and sends the permissions down to the micro-services as part of enriched request headers.
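The gateway flow described above, sketched as an added example (not code from the original article). The HMAC-signed token format, the header names `X-User-Permissions` and `X-User-Id`, and the role data are all constructed assumptions. The gateway discards any permission header sent by the client before writing its own, since the micro-service trusts that header.

```python
import base64, hashlib, hmac, json

GATEWAY_KEY = b"constructed-demo-key"   # assumption: tokens are HMAC-signed
PERM_HEADER = "X-User-Permissions"      # assumption: hypothetical header name

# Constructed RBAC data: role group (top level) -> roles -> permissions.
ROLE_GROUPS = {"vendor": ["catalog-editor"], "customer": ["shopper"]}
ROLE_PERMISSIONS = {
    "catalog-editor": {"catalog:read", "catalog:write"},
    "shopper": {"catalog:read", "order:create"},
}

def _sign(body: bytes) -> bytes:
    return hmac.new(GATEWAY_KEY, body, hashlib.sha256).hexdigest().encode()

def issue_token(user: str, role_group: str) -> str:
    claims = json.dumps({"sub": user, "grp": role_group}).encode()
    body = base64.urlsafe_b64encode(claims)
    return body.decode() + "." + _sign(body).decode()

def validate_token(token: str):
    """Return the claims if the signature verifies, else None."""
    body, _, sig = token.partition(".")
    if not hmac.compare_digest(_sign(body.encode()), sig.encode()):
        return None
    return json.loads(base64.urlsafe_b64decode(body))

def gateway_enrich(headers: dict) -> dict:
    """Validate the bearer token and build the headers sent downstream."""
    # Drop any permission header the client supplied so it cannot be spoofed.
    out = {k: v for k, v in headers.items() if k.lower() != PERM_HEADER.lower()}
    claims = validate_token(out.pop("Authorization", "").removeprefix("Bearer "))
    if claims is None:
        raise PermissionError("invalid token")
    perms = set()
    for role in ROLE_GROUPS.get(claims["grp"], []):
        perms |= ROLE_PERMISSIONS.get(role, set())
    out["X-User-Id"] = claims["sub"]
    out[PERM_HEADER] = ",".join(sorted(perms))
    return out

def service_allows(headers: dict, required: str) -> bool:
    """Micro-service side: authorize from the gateway-written header only."""
    return required in headers.get(PERM_HEADER, "").split(",")
```

This only holds if the micro-services are reachable solely through the gateway; a service exposed directly would accept whatever permission header a caller sends.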