Almost all applications mantain the permissions with the application and have no way of having at least the roles outside the application.
Is the only way to have centralized authentication but mantain the authorization inside the application or there is an standard or a way of doing it?
