use cookies and header with access token instead of jwt in parameter | get from usermanagement service the roles and user e-mail | enable delete for administrators
Copy for Java8 migration