[EgeAytin]

Not 100% sure I understand what you meant with "reflection" but to give a quick overview on data management:

Permify stores authorization data as relations in a database you prefer and perform access checks (and other queries as well) according to stored relations/authz data. And since user identities exist/stored in providers, they should be mapped Permify to store necessary authorization data/relations. So providers can feed Permify but not vice versa.

For more information about how we're managing authorization, check our docs: https://docs.permify.co/docs/getting-started/sync-data