Zero Trust Application: Bypass based on URL

I’m using Zero Trust to secure a self-hosted application. I’m using a custom OIDC provider for authentication. Everything works swell.

My application is hosted at https://application.example.org - how do I bypass authentication for specific URLs, e.g. https://application.example.org/public should not have any authentication applied at all.

I see that I could create bypass-policies that allows e.g. specific IPs to bypass all authentication - I would want this to be restricted to a certain URL (i.e. /public is allowed by all IPs).

Figured it out myself: Not with policies, but I could create different applications per path.