[keycloak-user] [Conception] how to define a suitable realm
GARDAIS Ionel
ionel.gardais at tech-advantage.com
Mon Aug 13 08:46:21 EDT 2018
Hi list,
I have a question about the creation of the realms in Keycloak.
It may be SSO-101 but I can't figure the right answer.
As I understand it, a realm is a collection of clients sharing the same policies.
A user logged from one client in a realm will be authenticated in all other clients in the same realm.
Say I have 3 apps AppA, AppB and AppC.
I want a user to be SSO'ed with AppA and AppB (not AppC).
I also want a user to be SSO'ed with AppB and AppC (not AppA).
I guess I need a realm covering AppA and AppB and another realm covering AppB and AppC.
However, most (if not all) clients I've seen only allow one IDP definition thus forbids AppB to know both realms.
How to solve this ?
Regards,
Ionel
--
232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON
Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301
More information about the keycloak-user
mailing list