I have scanned the documentation, but dont see an indepth explanation.
I am curious what the purpose of the "User" role is - given that it has no permissions out of the box? Is it purely demonstrative?
@edarib is right about the User Role.
For example if you enable LDAP, users will be able to login with their windows credentials but they won't have any access until you explicitly grant it.
Another use case: If you allow Self-Registration, you want to first review the request before assigning a role with access to your application.
Have an answer to this question? Log in and write your answer.