Can we opt to not SSO for applications but just make use of Keycloak common login page only?


i have a use case that, applications want to make use of keycloak’s common login page to login…however, they don’t want to SSO (due to some reason for internal apps). So, in the same browser session, user can login different applications/clients with different user /identity.

ways i guess should work:

  • define the non-SSO client in a separate realm.[extra effort needs to maintain many realms and realms setting].
  • for each client, use different DNS for access keycloak (e.g. client 1, keycloak URL =, client 2 use… [extra effort needs to maintain DNS per clients]

is there a more easy way to achieve non-SSO but just make use of keycloak for login (and hence get the access token/refresh token…etc)?