Does keycloak supports multi tenancy rbac system if yes how i can acheive?

Hi All,

I am dealing with a SaaS platform which supports multi tenancy

This is how our architecture is

Partner under partner we have clients for example (partner means take google as partner and clients means who are using its service)

we have users at partner level and client level same way roles at partner and level and client level as well.

A role contains the permission set and clients which needs to be part of user.role is tied with user.when user logged in they can only see particular clients with the give permission set applied. So now we are using spring security to do authentication and authorization. Is keycloak supports this type of model. Please check the following hierarchy for better understanding.