Keycloak -> How to fetch permissions attached to a single role or group

[Rohit Patidar]

Scenerio : Use Groups for multi tenancy (One user working for different organizations) -

1. Create one group for each org like group_org1, group_org2 etc.
2. Provide permissions to above groups using group policy (using confidential client authorization tab). Ex :- group_org1 has permission on resource1 and group_org2 has permission on resource2.
3. Assign above groups to a user , hence user will have 2 groups and, permission on resource1 & resource1.
4. Now groups fetched for this user will be used as organizations in application.
5. When selected org1 then application will work according to the permissions attached to group org1 i.e. permission only on resource1.

Question : As of now if I try to fetch authorization permissions for a user then keycloak will give me combined permissions attached to both the groups i.e. on resource1 and resource2 . I need to fetch permissions attached to single group using keycloak rest-api. (after fetching this specific permissions I can authorize user in the application for given resource)

Hope I made my question a bit clear.

Thanks.