User authentication by group

Hello,

How can you prohibit authentication for users of a specific group?

Tried using Client Scope-Based Policy (Authorization Services Guide), but nothing worked, the user is still authenticated.

Policy:

Expected Behavior:
If the user is a member of the group “group1”, then when entering the login and password, Keycloak prohibits the entry into the system.

Thank you!

1 Like

In the process of researching restriction of impersonation to client – came across the following, which may be of interest to you: single sign on - How can I restrict client access to only one group of users in keycloak? - Stack Overflow