ldap - Keycloak V26.1.0 - SAML authentication - Management of domain Users but excluding administrators - Stack Overflow

admin, 2025-04-18

Good day,

I am running Keycloak 26.1.0 with an LDAP federated realm, containing all my domain users.

I have the following scenario:

  • Group A = Administrators
  • Group B = Technicians
  • Group C = Domain Users

I need to allow Group A to manage the details and group membership of both Group B and Group C, and I need Group B to only manage Group C details and group membership. Group C should only have access to their own self-service portals.

It seems that due to the SAML limitation on Fine Grained Authorization, I can't achieve this. Can someone please assist with a workaround or the steps to achieve this?

Kind Regards
