External Authentication currently uses subscription permissions to verify a user's authorization to make changes to external authentication providers and credentials.  The api uses cluster permissions and if the subscription and cluster permissions did not align, there could be unexpected behavior.

• This work will be held off until OCMUI-1389 closes (passes QE).
• This work will be held off until OCMUI-1618 merges.
• API: https://gitlab.cee.redhat.com/service/uhc-clusters-service/-/blob/master/pkg/osd/external_auth_service.go?ref_type=heads#L131

A.C.

• Cluster permissions will be used for all permissions checks in external authentication
• specifically, canUpdateClusterResource will replace canEdit
• 2 files affected: BreakGlassCredentialList.tsx and ExternalAuthProviderList.tsx