In the commit 0ce10a3249db69592cb7fee70cefd4a2eec66423, three new AccountRoles were added: view-applications view-consent manage-consent Do we need/want such fine grain access control? Or should we stick with just using manage-account and view-profile? Regards Doug