Hello team Cerbos 🙂 I have been exploring and testing for the last two weeks.
With the preface that I am not experienced with access control:
The API request seems to require the ID of the resource. What about situations where there is not yet a resource ID? e.g. creating a new object - once it is created it will have an id, but not before. If my logic is right, then why is this a required field, and is there a workaround necessary? (i.e. put in a random number so it satisfies that requirement to exist)