VTEX IO access control (RBAC) When this skill applies Use this skill when you need to control who can access your VTEX IO app's routes and resources: - Deciding between role-based ( ) and resource-based ( policies) access control - Securing REST endpoints so only specific apps, users, or API keys can call them - Setting up GraphQL authorization with the directive - Understanding VRN (VTEX Resource Name) syntax for declaring principals - Debugging 403 Forbidden errors caused by missing or misconfigured policies Do not use this skill for: - General service architecture (use ) - PCI compliance a…