Authenticate two different services with a single keycloak server

I currently am facing a problem in which I need to authenticate both a Next.js application and a Bokeh server running on Tornado within the same Keycloak realm, as both services need to query user data. How could I go about configuring this on the Keycloak side? Is there anything else other than redirect URIs or such that needs attention?

Yes I am also interested in this. Sort of dynamic url redirection.

Not sure if I fully understand what you mean, but ideally I would have this flow, when a user opens an application, the frontend code checks if the user is logged in. If not, then the frontend code redirects the user to Keycloak server for authentication. In this authentication you can provide the redirect URL. So after keycloak authenticates, it will know which URL to redirect to.

Well, @MastroCoder, I understand your use case as the typical SSO scenario, which is one of the basic functionalities Keycloak provides ootb without further configuration.
Authenticated users do all have access to the clients configured in the same realm like the users. So, a realm is a logical and isolated area for users and clients to work together. As Keycloak (or, respectively the realm itself) is an Identity Provider, Keycloak provides identity information about the user to the client(s). This is how OIDC works.

Thank you for the response!
I believe now it is only a matter of configuring my services to work properly with Keycloak.

Thanks again!