I would like some advice and know how to better obtain this use-case.
IGL usually works by collecting entitlements (already present) from various endpoints and then, once the entitlements are known and collected, they can be associated to the users rather than an user can later ask to have that entitlement.
The question is:
Can I from IGL side create entitlements and THEN I create those entitlements on the target applications?
The goal is to have an application able to read the entitlements that a user has in his application-specific database but that those entitlements are created by IGL and not by the application.
So on the IGL side we would like to have the possibility to create a new entitlement (therefore creating it from IGL) and write it directly to the specific application database.
The application in turn will then reads this entitlement to make the necessary decisions.
Is such an approach possible? Do you have any advice?