I have created 2 different applications and assigned 2 different groups to each.
I then created 2 login forms for each application, in the code of each giving respective redirect URI and clientId.
Unfortunately i am able to login to both the applications using the email IDs that do not belong to the group assigned to each of them.
So if snigdha is assigned to app1, sagar is assigned to app2.
I am still able to login to app1 using sagar’s email ID.
The code i am using in the frontend application is