I have a Gitlab instance where we can connect in SSO with Keycloak in OIDC (omniAuth). Which works perfectly.
I have a keyclaok instance accessible via a url that allows me to manage groups, users...
I would like to restrict the access of my GitLab instance to some present groups in my Keycloak how can I do that ?
I have already tried to create roles by assigning them to groups, I have also tried to add policies to my client by adding groups that should have no access but it does not restrict access.
I tried to follow the exchanges on the following pages:
Keycloak: Role based client log-in access restriction for users
How can I restrict client access to only one group of users in keycloak?
But following what it says, I don't have the desired result.
If someone has an idea, thanks in advance.
Here is my configuration for my client:
