Clive Morrish Just come across this and am curiously interested. How do these group/app-role relationships get managed? We've had a long term desire to link groups collected from AD to custom Aveksa approles, with a many:one model, e.g.
Group 1 has AppRole A
Group 2 has AppRole A
Group 3 has AppRole B
The groups are used in certain IGL contexts to restrict the scope of data, but the approles grant access that is not user-based.