Creates a new entitlement.

The API creates a new entitlement of type role or permission for a specific tenant. In case the entitlement is a dynamic role it cannot be associated with any application while creation.
In case of roles it is possible to add a list of children which could possibly be a set of roles as well as permissions.
The children can be added or removed via API POST /authz/v1.0/entitlements/{entitlement}/children.
Entitlements required: tenantadmin [Tenant Administrator], manageAppAccessOwner [Manage Application Entitlements], manageEntitlements [Manage Entitlements].