Users and groups are managed using permissions and roles in Keycloak. All users of the user interface must be members of the corresponding permission roles in Keycloak.
The roles are created automatically when the app is imported. Once the roles have been created, you must assign these roles to the users in the Keycloak administration.
In Keycloak, add the roles under Role Mappings > Client Roles > app-server per user or group.
For more information on managing users and groups in Keycloak, see the Keycloak Administration Guide: Server Administration Guide.
All users of edoc invoice link for IGF must be members of the link_igf permission role in Keycloak. Users in the admin role can also access the application.