We have a use-case for OAC that there would be multiple customers who would have separate catalog shared folders in the same OAC instance. So, we need to ensure that one customer cannot see other customer's folder.
We were able to achieve this by creating custom application roles in OAC /dv -> Console -> Users and Roles -> Application Roles page and assign the each custom role to its corresponding customer folder permissions
CustomerA_Role (OAC custom application role) -> assign CustomerA users in this role and make this role a member of default BIContentAuthor role
CustomerB_Role (OAC custom application role) -> assign CustomerB users in this role and make this role a member of default BIContentAuthor role
Now on 'CustomerA_Folder' permissions page add CustomerA_Role and allow the custom permissions READ, WRITE, DELETE, TRAVERSE etc, similarly for 'CustomerB_Folder', assign CustomerB_Role in its permissions page.
So, after this we are sure that if we can create custom roles through REST APIs then we would be able to achieve this use-case. Thus, we are raising this new idea request as we learnt that there are no such APIs currently available with OAC.
