We wso2 4.1
We have 10 APIs in publisher with 4 tier subscription free , gold, silver, unlimited.
We have multiple user initially with free tier if they want to go for any paid tier like gold or unlimited
We are create access role as access_gold, access_unlimited like in carbon and added in throttle policy at admin portal as permission group.
4 user who want to access api A with thottle subscription gold we are added in gold access so need role but it allows all other api with gold access
How to resolve
First of all your question is not quite clear. How the permissions of a subscription policy works is, if the allowed roles are given for the gold tier, then only the users with access_gold role will be able to use it in developer portal. So if gold tier is attached to both API A and B in publisher portal, then both API A and B are allowed to subscribe from gold tier by a user with access_gold role. If you want to only allow access to API A, then you need to create another subscription policy specific to API A, like gold_API_A tier and only use that for API A from publisher portal.