Hi hyunwoo kim, Thanks you for reaching out gluu support , please have a look the following gluu look with regards to pairwise id with openid connect , this might help you with your query. please go through the pairwise section of the document. https://gluu.org/docs/ce/admin-guide/openid-connect/ please feel free to revert if any further support is required on this. Thanks and Regards Mohit Mali

Hi. Mohit Mali. I have read the 4.0 version of gluu doc you presented. And I set it up according to the documentation. The setting details are as follows. 1. Configuration > JSON Configuration > oxAuth Configuration - subjectTypeSupported : Select 'public' and 'pairwise' - defaultSubjectType : Select 'pairwise' - openidSubAttribute : inum (default) - pairwiseIdType : algorithmic 2. Add OIDC Client - Subject Type : pairwise - Set 'Sector Identifier' Why do I not see the contents of the guide document when adding user or changing existing user information? The document I'm talking about is the Gluu 4.0 document, which is part of 'Administration Guild-> User Management-> Local User Management-> Managing associated Pairwise IDs'. And is it true that these 'pairwise IDs' control user access to the OIDC Client? please answer about my question. Thanks to read.

Hello hyunwoo, For SAML, you don't need OpenID client entries. You need [Trust Relationship](https://www.gluu.org/docs/ce/4.0/admin-guide/saml/#trust-relationship-requirements) for SAML connectivity.

I know what you talked about. But that doesn't seem to answer the question I asked. Please give me a definite answer.

What question?

First, I want to control access when users access my registered clients. For example, suppose I have three OpenID Connect Clients. Each is referred to as ClientA, ClientB, and ClientC. When user K attempts to access the client, I want to restrict the user to access A and B, but not to C. How should I proceed? Second, I checked the Gluu 4.0 version of Docs. There was an item called Pairwise IDs, and I think it is an item that can control access to OIDC Client. Am I right? Third, if I am right, how can I check Pairwise IDs on the Add or Edit User screen? I did the setup as described in the guide. However, it does not appear on the user management screen. For reference, my settings are as follows. 1. Configuration > JSON Configuration > oxAuth Configuration - subjectTypeSupported : Select 'public' and 'pairwise' - defaultSubjectType : Select 'pairwise' - openidSubAttribute : inum (default) - pairwiseIdType : algorithmic 2. Add OIDC Client - Subject Type : pairwise - Set 'Sector Identifier' What did I miss? please answer about my question.

Thanks. Open separate ticket for separate questions please, that will help community to search and find out specific answer on specific question. Let's concentrate on Authorization here. Gluu has different protocol for Authorization ( AS ) which is UMA. A good starting point will be to start reading from [here](https://www.gluu.org/docs/ce/4.0/admin-guide/uma/).

Okay. I will post my question on a different ticket. First I will read about UMA. Thank you for your answer.