Rather than just be able to specify This Role allow to specify a named role.
I want to be able to have content created by the API assigned to a role, then be able to allow other roles/users to edit view that content only - right now i cannot do this…
for example
API creates content as Tenant1APIRole
Then i have other roles
Tenant1Viewer - view all content created by Tenant1APIRole
Tenant1Editor - derive from Tenant1Viewer + Edit
etc…