keycloak + pomerium, why configure option allowed_group is invalid in config.yaml
config.yaml
pomerium_debug: true
# keycloak
idp_provider: oidc
idp_provider_url: http://localhost:8080/auth/realms/myrealm # keycloak
idp_client_id: myidp
idp_client_secret: myidp
idp_service_account: "ewogICJjbGllbnRfaWQiOiAibXlpZHAiLAogICJzZWNyZXQiOiAibXlpZHAiCn0="
policy:
- from: https://verify.localhost.pomerium.io
to: http://verify.pomerium.com
# vaild
# allowed_users:
# - jack@test.com
# invaild?
allowed_groups:
- /group1/techGroup
cors_allow_preflight: true
timeout: 30s
pass_identity_headers: true
if use configure option allowed_users is ok, but allowed_groups is invaild. why?
groups list:
/group1/adminGroup
/group1/techGroup