User authentication by group

Hello,

How can you prohibit authentication for users of a specific group?

Tried using Client Scope-Based Policy (Authorization Services Guide), but nothing worked, the user is still authenticated.

Policy:

Expected Behavior:
If the user is a member of the group “group1”, then when entering the login and password, Keycloak prohibits the entry into the system.

Thank you!

In the process of researching restriction of impersonation to client – came across the following, which may be of interest to you: single sign on - How can I restrict client access to only one group of users in keycloak? - Stack Overflow