My Vault is working with both LDAP and OIDC, no problem with the config.
My question is about OIDC. Today, it’s the role that maps the groups linked to my IdP, which gives users a policy.
But for UX, it’s not easy to provide a role. I mean, users have to know which role they must set in the UI, but it’s complex to maintain and to explain to users (could be QA, dev, functional guys…).
Is it possible to use only the default role and, like we have with LDAP, map a group to a policy with OIDC?
I mean, the user logs in with the default role, and if he is in the group admin, he matches the policy admin. If he is in the feature “toto”, he has access to the policy “toto”?
Hope I’m clear.