Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Part A:

You can use Ory Kratos for the user authentication and self-service part and Ory Keto to implement roles and permissions. You can either selfhost those services or use them in Ory Cloud.
For different example implementations check the documentation, and also the community contributed projects:
<https://www.ory.sh/docs/ecosystem/community/>
Also check out factlys talk, could be related: <https://www.youtube.com/watch?v=yOCfp5ylTzs>

<@U011D3UQKNY> thanks for suggestions. How about Part-B ?

And for Part B, I suggest to take a look at Ory Oathkeeper. This article is a bit dated but on a high level it still can be useful:
<https://www.ory.sh/api-access-control-kubernetes-cloud-native/#ory-oathkeeper>

Hey <@U0282JY0F3K>
Did you make any progress?
I am looking to improve the docs a bit for use cases like yours.
Would you be willing to start a discussion on GitHub with your above description and any other info that you want to add around your use case?

<https://github.com/ory/kratos/discussions/new>

That would help us a lot to plan these new guides &amp; tutorials, thanks!