[keycloak-user] Trust between two standalone Keycloak Instances

Stan Silvert ssilvert at redhat.com
Mon Jul 15 14:31:26 EDT 2019


Why do you need each to have its own Keycloak instance?  A usual setup 
would define all three clients in the same realm under the same Keycloak 
instance.

On 7/15/2019 1:23 PM, Aditya Bhole wrote:
> Hello,
>
> I’m new to Keycloak and building a prototype SSO framework for my company. The use case is that my company has 3 clients: A, B and C. Now each client is going to have its own Keycloak instance: KA, KB and KC. Now what I want is that when I log in through client A, I should be logged into client B and C as well. And the same goes for all the clients. So for this to happen, is there a way of establishing trust between these three Keycloak instances KA, KB and KC?
> I’ve successfully established an SSO by using KA as a broker and KB as an IDP. But this is only a master-slave kind of architecture. When I log in to A, I’m automatically logged into B. But if I log into B, I won’t be automatically logged into A. Is it possible for KA to be a broker for KB and KB to be a broker for KA at the same time?
> TL;DR:
> Is there a way where Keycloak only acts as a broker and trust is established between multiple such Keycloak instances?
>
> I hope my question makes sense. Please point me in the right direction if I’m looking at this in the wrong way.
>
> Thanks,
> Aditya
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



