Merge user information with apps information on response
If no access token is provided all apps should be marked as unavailable. If token is provided check against user access details and send back all applications marking those accessible as such.
If no access token is provided all apps should be marked as unavailable. If token is provided check against user access details and send back all applications marking those accessible as such.