Authorization Policy vNext -> Request Policies #570
Description
M1/1.5 met the requirement of adding support for Database Policies. This next iteration is to apply policies at the request level: policy resolution does not result in database query predicates, and instead checks the policy against claims present in the user's token and makes a allow/deny decision.
Per RFC request policy: defines a rule that will be checked before sending any request to the database