I have an API set up in IRIS which is secured using an IRIS authentication service, so there is a bearer token being passed down in the request header.
This tag unites all posts related to roles (container that holds one or more privileges for access to SQL Tables), users (identity of the login when it is connected to a database) and authorization (function of specifying access rights/privileges to resources). Read more about roles, users and authorization in Documentation.