Quick question on how authorisation works with IAM tools in practice. Since authorisation (RBAC, least privilege) sits under the IGA layer, please could you share from a day-to-day angle any real or challenging scenarios you've encountered and how you fixed them? A few things I'm curious about: a) What authorisation issues come up most often, and which ones keep recurring?
b) Which of those were automated? And which are the hardest to automate, the ones that still need human decisions?