Temporal-UI: Security

Based on documentation UI can be configured to use SSO (GitHub - temporalio/web: Temporal Web UI v1). I managed to setup it using Auth0 but the issue was that everyone in the audience has access to the temporal and all its functions (like accesing all event data, terminating a workflow in all namespaces).

I was wondering if I have done it right or I was missing something.

BTW I am using v1. It would be awesome if you point me in the right direction about how to achieve the same with the v2 version.

Finally, are you planning into adding scopes / roles somehow to be able to split namespace visibility, event-data access and actions?