By: matt dillenkoffer user 29 Jan 2016 at 1:37 p.m. CST

1 Response
matt dillenkoffer gravatar
It seems that when you put a user in the Gluu LDAP that user can be redirected by any registered client to Gluu for authentication and subsequently be given access to that client. My question is how would you put users in groups and say people in group A have access to clients 1, 2 and 3 but people in group B have access to clients 4, 5 and 6?

By Michael Schwartz Account Admin 29 Jan 2016 at 2:41 p.m. CST

Michael Schwartz gravatar
Its up to the RP to decide what content to display to the person. One strategy can be to filter based on a user claim. Take a look at [mod_auth_oidc]( ... how they use the `Require claim` syntax. Also, although you have SSO across all the websites, remember that the scopes released to each client could be different.