SPA app signs in the AzureAD and get the access token api:api app id/acces_as_user. However no roles are in the access token.
api:api app id/acces_as_user
*created() { //
