Looking for some suggestions.  I try to map as much as possible through SAML.  I've got user groups mapped for license types and some Zoom Phone rights.  Now I need to add another group for a marketplace app.  Looking at my mapping, I keep thinking there has to be a better way of doing this.  I thought maybe I could be clever and pass a different attribute name, but no dice.  A group is a group.

So today, I have my mapping like this to account for host / basic and call recording rights or no.

Attribute         SAML Value                                   Zoom Group

CallRights     ZoomCall_Recording_Hosts     Zoom_Hosts  Zoom_CallRecording
UserGroup    Zoom_Hosts                                  Zoom_Hosts
CallRights      ZoomCall_Recording_Basic      Zoom_Basic  Zoom_CallRecording
UserGroup    Zoom_Basic                                    Zoom_Basic

If I wanted to add another permission for this marketplace app, this strategy starts to get complicated.  The only way I can think to do it is to pass a SAML value for every possible rights config.

Attribute         SAML Value                                   Zoom Group

AppRights     ZoomApp_Recording_Hosts    Zoom_Hosts  Zoom_CallRecording  Zoom_MrktApp
AppRights     ZoomApp_NoRecording_Hosts    Zoom_Hosts  Zoom_MrktApp
CallRights     ZoomCall_Recording_Hosts     Zoom_Hosts  Zoom_CallRecording
UserGroup    Zoom_Hosts                                  Zoom_Hosts
AppRights     ZoomApp_Recording_Basic    Zoom_Basic  Zoom_CallRecording  Zoom_MrktApp
AppRights     ZoomApp_NoRecording_Basic    Zoom_Basic  Zoom_MrktApp
CallRights      ZoomCall_Recording_Basic      Zoom_Basic  Zoom_CallRecording
UserGroup    Zoom_Basic                                    Zoom_Basic

Is this really the only way to do it or am I missing something?