We have support for OAuth2 based authentication. Now we want to add OAuth 2 based authorization.

The expected steps:

• Need to see if there are existing integrations and see how they are done (I hear there is Istio - Keycloak integration, need to take a closer look)
• Start implementing a prototype of roles-based authorization (using JWT token claims)
• Alternatively, consider UMA approach using Keycloak Authorization Services
• Include examples and docs for the impl, and include some testsuite integration tests