I have created resources via the API for users:

    {kc-host}:{kc-port}/auth/realms/{realm}/authz/protection/resource_set/

I have created a policy which decides based on the relation between the resource owner and
the identity user, like this:

    // Who is asking, and who owns the resource being requested
    var identity_user = $evaluation.context.identity.id;
    var resource_owner = $evaluation.permission.resource.getOwner();

    // The owner's user attributes hold the list of agents allowed to act for them
    var identity_user_attrs = $evaluation.realm.getUserAttributes(resource_owner);
    var allowed_agents = identity_user_attrs.allowed_agents;

    if (resource_owner == identity_user) {
        $evaluation.grant();
    } else if (allowed_agents !== null &&
               allowed_agents[0].indexOf(identity_user) > -1) {
        $evaluation.grant();
    } else {
        $evaluation.deny();
    }

I am able to evaluate the permission for various users and agent users in the Keycloak
admin console, in the realm->client->authorization->evaluation tab. It is evaluating
properly.

How can I get the same permit/deny from a REST API, so that I can call it from my client on
behalf of the identity user, with the identity user's access token as authorization (or some
other method of authorization)?

Either a simple permitted/deny, or output of this kind, is required:

    "permissions": [
      {
        "scopes": [ "read" ],
        "rsid": "e1617f7c-dffe-42c9-b91f-476e8a810c4a",
        "rsname": "kyc1"
      }
    ]

I tried:

    {kc-host}:{kc-port}/auth/realms/{realm}//authz/protection/permission

I get an opaque permission ticket. How can I decode this?

Thank you,
Suresh
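
The policy from the message above, run against a stand-in for $evaluation so its decisions can be checked outside Keycloak. This is an added example, not part of the original post: the mock object, the ids and the attribute values are constructed, and the comma-separated format of allowed_agents[0] in the second function is an assumption. It shows that the posted indexOf() test is a substring match, next to a variant that compares whole ids.

```javascript
// Added example, not from the original post. Ids and attribute values are constructed.

// Minimal stand-in for the parts of Keycloak's $evaluation that the policy touches (hypothetical mock).
function mockEvaluation(identityId, ownerId, allowedAgents) {
  const ev = {
    result: null,
    context: { identity: { id: identityId } },
    permission: { resource: { getOwner: () => ownerId } },
    // Attribute values are lists of strings; a missing attribute is modelled as null.
    realm: { getUserAttributes: () => ({ allowed_agents: allowedAgents }) },
    grant() { ev.result = "PERMIT"; },
    deny() { ev.result = "DENY"; },
  };
  return ev;
}

// Decision logic as posted: substring test against the first attribute value.
function postedPolicy($evaluation) {
  const identityUser = $evaluation.context.identity.id;
  const owner = $evaluation.permission.resource.getOwner();
  const agents = $evaluation.realm.getUserAttributes(owner).allowed_agents;
  if (owner == identityUser) $evaluation.grant();
  else if (agents !== null && agents[0].indexOf(identityUser) > -1) $evaluation.grant();
  else $evaluation.deny();
  return $evaluation.result;
}

// Variant with exact matching. Assumption: allowed_agents[0] is a comma-separated list of ids.
function exactMatchPolicy($evaluation) {
  const identityUser = $evaluation.context.identity.id;
  const owner = $evaluation.permission.resource.getOwner();
  const agents = $evaluation.realm.getUserAttributes(owner).allowed_agents;
  const ids = agents && agents.length > 0
    ? String(agents[0]).split(",").map((s) => s.trim())
    : [];
  if (owner === identityUser || ids.includes(identityUser)) $evaluation.grant();
  else $evaluation.deny();
  return $evaluation.result;
}

// Constructed cases: [identity, owner, allowed_agents attribute of the owner]
const cases = [
  ["owner-1", "owner-1", null],
  ["agent-10", "owner-1", ["agent-10,agent-11"]],
  ["agent-1", "owner-1", ["agent-10,agent-11"]], // not listed, but a substring of "agent-10"
  ["agent-99", "owner-1", null],
];
for (const c of cases) {
  console.log(c[0], postedPolicy(mockEvaluation(...c)), exactMatchPolicy(mockEvaluation(...c)));
}
```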