I would like to know how my resource-server can know which resource I can access as a member of a specific group. For now I'm doing this: request.post(`${kcConfig['auth-server-url']}/realms/${kcConfig.realm}/protocol/openid-connect/token`) .send({ grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket', audience: 'nimbee-gateway', response_mode: 'permissions' }) .set('Authorization', request.headers.authorization) .set('Content-Type', 'application/x-www-form-urlencoded') .set('X-Client', 'keycloak-nodejs-connect'); Which give me a list of all resources with permission I have since I'm in multiple groups. But how can I do to have only resources I can access for a specific group? Thanks