hello
am trying to achieve multi tenancy with keycloak using groups where the tenant=group
assuming i have groupX
and groupY
and each group contain some number of users normally i should have maybe an admin in each group for example userX
is admin in the groupX
and have the ability to only view and manage users in the groupX
and the same things applies to userY
.
so far i did create two group and i did join some users to each group and all the users i create have default-roles-master
as a role since giving a user admin
role will result that the user have the ability to manage all groups.
also i did enable permissions in each group and i did try creating user policy and group policy then i did attach it to the groups permission but i dont think that this was the right thing to do