Hi all, I've noticed that the "/realms" REST endpoint need authentication, but is callable without "REALM_LIST" entitlements, is this by design?
Furthermore, the list of realm returned start from the root (not only from the realm of the user calling the method). The "/domains" REST endpoint seems to have a similiar behavior: return 200 OK with an empty list, but in this case, I think is intentional because the domain could be used to log in. Thank you very much
