I have the following situation:
My application consists of a frontend and a backend microservice, which both authenticate themselves via the same realm on one Keycloak server. This set-up has been used for development, but now I need to extend it to support multi-tenancy, because in the future each customer (tenant) should get its own realm with individual user accounts. However, since the user’s realm must already be known before logging in, I am wondering if this is even possible with Keycloak.
An alternative would be to work with one single realm for all tenants and to do the mapping (users - tenant) via groups/roles. However, this is not a suitable solution for me, as the tenants should not be able to see each other’s user accounts in Keycloak. I need to have them in different realms.
So my question would be if there is any solution to authenticate users from different realms against a single application?
Your help will be much appreciated.