SPRING SECURITY CRM REST API with AUTHENTICATION in memory and AUTHORIZATION
I made CRM REST API with authentication in memory.User can have 3 roles:employee, manager and admin.
I secured all REST endpoints and adds following security authorizations: EMPLOYEE role can perform GET http request method, MANAGER can perform GET, POST and PUT http request methods and ADMIN can perform GET, POST, PUT and DELETE http request methods, ie. All CRUD methods.
On the following picture we can see the same this example using REST CLIENT POSTMAN with POST http request method. In the section Authorization we also added username and password in POSTMAN, it is obvious that this user has role MANAGER or ADMIN because we are using here POST http request method.