Roles are for services not for users. If you have a read-only Web api then it makes sense to use a read-only role regardless of which user is using it.
This is part of what many people find so confusing. In most systems “role” is a group (or something closely resembling a group), not a user. The weird terminology confuses beginners