Hi, Users have been asking for additional methods in the Evaluation API in order to query the realm for additional information about users such as group membership, roles, etc. The main requirement is to allow query these information not only for the user trying to access a resource but any other user, including owners of resources, from a realm. For that, I've added a new interface [1] from which policies can query these information. I think that would give a lot more flexibility for those writing policies in Keycloak using JS or Drools. The corresponding JIRA is https://issues.jboss.org/browse/KEYCLOAK-6628. [1] https://github.com/keycloak/keycloak/pull/5077/files#diff-136248257141060... Regards. Pedro Igor