I am looking for the following answer: Has anyone tried to implement instance-level RBAC with KeyCloak?
I have the following requirement: the user can be assigned a role within the instance of the resource type. Say, you have a resource type called Group. Within that Group, the user can be Group Admin, Group Editor, Group Viewer.
But outside that Group, the user has an organization-wide role.
So, I have 2 policies here organization-wide RBAC and instance-level RBAC.
I hope, it makes sense. Any help will be greatly appreciated.