[keycloak-user] Maximum number of clients (applications) in a realm

Marek Posolda mposolda at redhat.com
Tue Jun 30 08:39:38 EDT 2015 

Hi Orestis,

the alternative is also to use our admin REST api directly and invoke 
REST endpoints for create/update client directly without using our admin 
console.

Marek

On 30.6.2015 14:30, Orestis Tsakiridis wrote:
> Hi Marek,
>
> my comments inline:
>
> On Tue, Jun 30, 2015 at 2:44 PM, Marek Posolda <mposolda at redhat.com 
> <mailto:mposolda at redhat.com>> wrote:
>
>     How much clients you have in mind?
>
>
> I guess 100-1000 would be realistic. But more may come later.
>
>     Theoretically there is no any limit. At least at database level.
>     Fact is that we didn't try to test admin console UI with very big
>     number of clients. Feel free to create JIRA if you're seeing issues.
>
>
> Thanks. Before doing this, i just want to be sure that i'm on the 
> right path and there are no alternatives. For instance, i've also 
> considered creating a new realm per machine but this won't work 
> either. A user's identity should be global but also have access to 
> selected machine(s). I think that concept can work only within a 
> single realm.
>
>     Another approach is to design your deployment so the number of
>     clients is not too big. For example when adding new "machine" you
>     can reuse already created clients (not sure if it's the approach
>     which works for you, just a possible hint...)
>
>
> Unfortunately that won't work either. :-(. We need those clients and 
> their respective machines to be in place and operational.
>
>     Marek
>
>
>
> Anyway, thanks for the help Marek!
>
>
> Regards
>
> Orestis
>
>
>
>
>     On 30.6.2015 09:50, Orestis Tsakiridis wrote:
>>     Hi all,
>>
>>     Is there a limit in the maximum number of clients/applications in
>>     single realm supported by keycloak?
>>
>>     I can see that the keycloak admin UI is not built with a big
>>     number in mind. For instance, when assigning "Client roles" to a
>>     realm user there is a dropdown with all clients/applications in
>>     the realm. I guess this shouldn't grow too big to be usuable.
>>
>>     I'm working on a scenario where i need to implement authorization
>>     in a system where new machines (and their respective keycloak
>>     applications) will be added on the fly. So i'm worying about what
>>     will happen if the number starts to grow.
>>
>>
>>     Thanks
>>
>>
>>
>>
>>
>>     _______________________________________________
>>     keycloak-user mailing list
>>     keycloak-user at lists.jboss.org  <mailto:keycloak-user at lists.jboss.org>
>>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150630/cdbb8fc9/attachment.html

More information about the keycloak-user mailing list