What's the consistency model for operations against your API? When my backend grants a user access to some resource, will all subsequent permission checks immediately grant that access?
If not, how are user signups supposed to work? If I create a user and set up their permissions in Warrant, will my users' first-time experience consist of a permission denied error?
Updates to the API are immediately reflected in subsequent access requests, so new users who sign up in your system would immediately have the appropriate access rules
If not, how are user signups supposed to work? If I create a user and set up their permissions in Warrant, will my users' first-time experience consist of a permission denied error?