Description of the situation
- I have a realm that stores users from an enterprise (call it Realm1).
- I have a realm that stores users who use a client app (random consumers, call it Realm2).
- I need multi-tenancy.
- I use Quarkus.
- All data in the database is filtered with a claim in the token.
- Nowadays, I need to keep all users in the same realm and add realm-management roles to allow worker users to manage consumer users.
- I create a client for the API (bearer-only) for the realm.
- I create a client for user login (public/confidential).
- To identify if a consumer user is at the office of a worker user, I need a worker user in this office to confirm it.
- Then I put a claim in the user to know, with the token, where they are.
What I want to do
- I want different realms to manage this.
- All I want to know is: with my APIs, is it possible to give them a master realm client with realm-management roles and make them add the claim in the user when needed?

I'm open to all of your advice. Thank you.