Ways to implement coarse-grained authentication to expose REST APIs using Spring

Question

We have a scenario where we have Authentication and ABAC Authorization but don\'t have control over what APIs a consumer can call. We have been using a consumer Id concept (