Hi all, I got to this same question while designing an user login system for our self-care applications.If the issue gets clarified, please post the conclusions here, as I still don't have it clear.Thanks!Best regards,
the API TMF672 (User Roles and Permissions) is used to manage roles and permissions given by a party (identified as a granter) to another party (the grantee) over a specific entity that he owns (the manageableAsset defined in the userRole resource).
This API could for example be used to give to the owner of a VOD account the right to create subaccounts for his family members. In this case, the granter and the grantee are not logged in. We just handle data related to those parties.I let @Joel Burgess complete for TMF691.