Self-hosted, OIDC: Limit access to group(s)

This seems related to Self-hosted, single-org & OIDC: default permissions?, and to this Github issue to support the SCIM API for provisioning users: Support SCIM · Issue #870 · gristlabs/grist-core · GitHub.

Grist currently doesn’t support either giving a default permission to all users, or restricting it to users with a certain attribute. Instead, any user who should have access, needs to be added to a team site in “Manage Team” dialog (or can also be added to an individual document), with a suitable role (Viewer/Editor/Owner).

Grist does have an API for adding users, and I believe some organizations have set things up to automate adding users to Grist using that. I don’t have any examples to follow though.