[keycloak-user] Multi-tenancy with groups
Wyns Dean
dean.wyns at aptus.be
Thu Sep 27 08:45:57 EDT 2018
Hi there
A client of ours requires multi-tenancy (multiple customers) but without isolation of users. In others words, one user can be linked to multiple customers. A user with the permission to do so, should be able to manage their customer's users.
For this client we created a realm to completely isolate it. So we would use groups to implement the customers below our client.
Is creating a group per customer the best way to implement this? And then restrict the user management by using the fine-grained permissions built into the Keycloak admin console?
Or is there another better way?
Thanks
Dean
More information about the keycloak-user
mailing list