Same application.yml different access-groups

We have a development and production sever. Is there a way to restrict access on the development server so that users don’t inadvertently end up using the development server? In general I am trying to keep the application.yml and what not the same between the servers. Is it possible to set a top-level/default access-groups using an environment variable for example?

It isn’t clear from the documentation how to go about doing this(Using SAML with LDAP mapped roles) if that helps.