Domain name choice and configurations

Hi, in considering what domain name(s) we might use for a new Keycloak auth, please advise:

  1. Is it necessary to use a subdomain such as auth (e.g. in auth.domain.tld) or, since we’re dedicating a domain to Keycloak, can we just use domain.tld?

  2. I see that a Keycloak managed service provider may use their own domain name but a client would point a DNS CNAME record at their name. Two questions please:

     i. Is that generic functionality within Keycloak/how does one add support for an additional domain name?

     ii. Can a single Keycloak environment support multiple domains such that a single user logging in could use more than one auth domain, i.e. auth.domain1.tld and auth.domain2.tld? I ask this as good .com domains are somewhat scarce, and using another tld poses some risk (I have less confidence in the registrar), but if we can use two different domains the risk is reduced.

Thank you

Using Keycloak is not bound to a single domain. It’s in the nature of OAuth2/OIDC to work cross-domain.

Hi dasniko, that’s good to hear. Thank you.