Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
Yes, all operations are performed via the Alloy API using a REST’ful model, HTTP verbs represent the various CRUD operations and the objects being operated on are subject to permissions configured in Alloy. This means all CRUD operations are granted via Authorisation checks.