I have a realm with nested groups that denotes a hierarchical corporate
Users belong to one particular group along the /corp/org subtree, but might
also be members of one or more groups from a different subtree, e.g.,
Is it possible to have dedicated admin users at /corp, /branchX, /divisionX
level who can only view and manage the users from their group or subtree
with an admin-console scoped to a fixed realm?
admin-console scoped to group-hierarchy-demo realm:
If a user logs in as divsion1-admin-user, he should only be able to see and
manage the users beneath the path (/corp/org/branch1/division1/*).
Does the fine-grained permission system already support use cases like this?