I am working on providing app security for OKTA users(We did SAML configuration as per the Qlik guideline), we have two user directories now PRD(LDAP) and OKTA one.
I am able to restrict stream for OKTA users using user.userdirectory="OKTA" condition and it is working fine. Further I want to restrict apps within this stream should be accessible to OKTA users as per the respective roles they have, not all apps should visible to user. Here these roles we have with LDAP user directory.
So to create app security rule I used below condition but not a single app is visible to OKTA user.