ADFS on multiple environment restrict access

ZZ
ZZ
Vote:
 

HI,

We are using ADFS for EPiServer admin site login and it works perfectly fine.

I have followed this link to achieve ADFS login ->  https://docs.developers.optimizely.com/content-cloud/v11.0.0-content-cloud/docs/configuring-mixed-mode-owin-authentication

We have multiple environments and want to restrict permissions for some users so that can only login to EPiServer test admin site and not production.

We have virtualroles in EPiServerFramrwork.config file e.g

      <add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer" roles="xxAdmin" mode="Any" />
where xxAdmin is added to the user in ADFS and then the user is CMS admin on all of the enivronments.
We have diiferent RelyPartyURI for each environment.
Whats the best way to restrict access to other environments ? 
Any help would be appreciated 
#289604
Edited, Oct 14, 2022 9:49
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.