Two Authorization for the same match url

[Satish-Karunanithi]

Hi,
I have an use case where i need to protect my service end point and for user Authentication, it is backed with cookie and for Machine to Machine authentication it is backed with OAuth token. (Same End point)
For Authentication in OathKeeper rules we can configure both Cookie and Bearer token. Based on the request header type its respective authentication will be triggered. But i have issue in case of Authorization.

Now for Authorization

• i want to configure Ketos "keto_engine_acp_ory" for request with Cookie header
• directly "allow" for bearer token (Because scope is verified during "oauth2_introspection"

How to configure such branch condition in Authorization step in OathKeeper Rules?

Note: Match url is same for both user and Machine to Machine Access.

Thanks...