Authorization

Some endpoints require a different set of permissions than others. If insufficient permissions are granted to the authenticated user, a 403 Forbidden response is returned.

How did we do?