Is your feature request related to a problem? Please describe.
All the samples run out of a single tenancy and use a single token, so they do not demonstrate or exercise ABAC or OBAC Access Policies
Describe the solution you'd like
A sample that uses different access tokens for different actors in the scenario, plus documentation of a model Access Policy to use that sample to demonstrate multi-tenant and/or multi-user operation.
Describe alternatives you've considered
Manual multi-user operations with SBOMs are OK but time-consuming and not easily reproducible.
Additional context
Numerous larger supply-chain focused users of RKVST have requested this. Best to get an example in.