A client of ours requires multi-tenancy (multiple customers) but without isolation of
users. In others words, one user can be linked to multiple customers. A user with the
permission to do so, should be able to manage their customer's users.
For this client we created a realm to completely isolate it. So we would use groups to
implement the customers below our client.
Is creating a group per customer the best way to implement this? And then restrict the
user management by using the fine-grained permissions built into the Keycloak admin
Or is there another better way?
Show replies by date