Realms for microservice application

Hi all,

I am building a new microservice based application and migrating from Spring Auth Server to Keycloak.

We have a series of backend microservices which can communicate with other using OAuth2. Some of the microservices methods are exposed on the frontend through a single page web application.

My question is regarding best practice with realm security. Should we have two realms, one for frontend access (this would have all signed up users etc) and one for backend. Or should we just use one realm for all application access?

Any advice or recommendation would be much appreciated.