We’re having a B2B application and we are planning to add IAM module as multi tenant. We have lots of companies as tenants so should I use multiple realms as tenant or single realm and multiple group as tenant
There are several approaches that have been discussed here. The particulars of each depends on how you will use keycloak, the permissions/role model, and if you intend to allow each of your customers/tenants to use their own IdP.
I have an approach here that solves many of the problems, but requires you to install a custom extension: