Authorization

You can set one or more IFS security roles on each api. In OpenAPI, it can look like this:

```json
"x-security-roles": [
    "authenticated"
]
```

_"authenticated"_ is a special role, which means that anyone that is logged in can call this api. This is also the role that is added automatically if no security is specified in the OpenAPI file.

In the REST Api classes, an annotation named "RolesAllowed" is used to specify the access control.