| Situations where you have enterprise setups have users measured in the 10s of thousands. There will be existing tooling around ACL management (typically AD). User Access Management groups, geo-separated local account manager, multiple help-desks to allow for disaster plans (pandemics, fires, localized grid failures). Access can be as simple as: - my application will use a system-account, and we'll manage access - my application will pass user credentials (based on AD), these are the groups (based on AD) that have read/write/delete access; regional team leaders will request access using existing UAM, regional managers will authorize requests, your existing tooling will process those requests as you are the designated authority over those groups Changing this requires either exceptional levels of observable returns on effort, or extreme will-power and political power. During evaluation of MS SQL / PostgreSQL / whatever, fitting into existing UAM will be a requirement. |