I have created an API for some website, written in golang using gin. I setup a Keycloak and LDAP server (for test purposes) on an EKS cluster, connected this LDAP to Keycoak, and finally implemented user Authentication using "gocloak", for a login page before the website's home page.
Now what I am interested to do is users Authorization. Simple example is that I don't want to allow some users to be able to use all the API's endpoint such as DELETE or UPDATE.
I want to take advantage of Keycloak (which is connectred to LDAP) in order to achieve that, so I can restrict users based on their LDAP group for example.
I am not sure how to start as I don't have an idea.
Appreciate any suggestions and if possible any examples or forward to existing examples would be great.
Thank you.