We're using the JIT SAML configuration for authenticating users in DataMiner. Currently, we add an Azure group to the allowlist in both the Azure Enterprise Application and DataMiner Cube. However, we only add groups that have direct members. Would it be possible to add a group that doesn't have direct members but is instead comprised of other groups (nested groups)?