Thank you all for your responses. As it ended up, the solution was much simpler than I thought. Application A (A third-party product) uses internal client-defined access control, and all...