Clients need access to AAP /judge #27
Description
All clients should be subscribed to AAP scope aap:read:entities:judge and granted by default.
This goes to the idea of access needs to be explicitly defined in the model or it is deny.
Currently all clients as long as they have an id can judge, but the endpoint should be protected.