问题
I develop applications(SPA Application + API server and windows application) to use OpenID using keycloak.
I want to control login when logging in with keycloak using keycloak groups (https://www.keycloak.org/docs/latest/server_admin/#groups).
For example, is the following application specification possible?
User A -> Group1 and Group2
User B -> Group1
Client A(SPA Application) -> Allow Group1
Client B(Windows Application) -> Allow Group2
results:
User A -> Allow to use the SPA Application(Client A) and Windows Application(Client B)
User B -> Allow to use the SPA Application(Client A)
Block application execution during authentication or authorization
Is it possible to realize only with the function of keycloak?
Or does the client need to do anything?
Thanks for your help.
来源:https://stackoverflow.com/questions/63090888/allow-or-deny-login-by-keycloak-groups-when-logging-in