Role-based security with remote Edge gateways

I’m setting up a test platform with an Azure cloud gateway and remote tag providers from 3 Edge gateways running on physical machines at my location. Perspective sessions on the cloud gateway will be the only client type used.

I’ve configured 3 users, each with a different single role. I would like each role to have permissions on one Edge Gateway only.

With Perspective and tag security set to authenticated>role, permissions on local cloud gateway tags works as expected, but remote provider tag permissions are not working properly, either being always enabled or disabled depending on Gateway security configuration.

Any advice as to how I should configure my Edge gateways so that remote tag security with one accessible to each role works correctly.