@soaproot This is technically RBAC, sure, but the trouble is that RBAC sort-of-kind-of implies assigning a user to (one or more) roles within one over-arching organization. Like, you're employed by Soulless Global MegaCorp Inc, and when you log on to the corporate network, you have certain access permisions due to having certain roles within SGMC, Inc.

PAMT is a little bit different because there isn't one authority granting the roles. The user is associated with different organizations, each of whom has their *own* organizational account within the service provider (whether that org account has its own dedicated login account or not doesn't matter), and each of those orgs might assign that user a role within their org's "area" or "domain" (or whatever you want to call it) within that service provider.

I feel like if I say "RBAC" to someone who is entirely familiar with RBAC, they're not necessarily going to think of PAMT. It's sufficiently different to need its own label.