Keycloak V26.1.0 - SAML authentication - Management of domain Users but excluding administrators

Question

Good day,

I am running Keycloak 26.1.0 with a LDAP federated realm, containing all my domain users.

I have the following scenario:

Group A = Administrators
Group B = Technicians
Group C = Domain Users

I need to allow Group A to manage the details and group membership of both Group B and Group C, and I need Group B to only manage Group C details and group membership. Group C should only have access to their own self service portals.

It seems that due to the SAML limitation on Fine Grained Authorization, I can't achieve this. Can someone please assist with a workaround or the steps to achieve this.

Kind Regards

Keycloak V26.1.0 - SAML authentication - Management of domain Users but excluding administrators

Answers (0)

Related Questions