Restricting access for users to clients


I have a Single Page Application (SPA). For this application I created a public client so that we can manage authentication for users. We have multiple customers and each customer has its own client id. Now I want to prevent users from logging in to certain client. This doesn’t seem possible straight out of the box in Keycloak.

I found a solution by creating an authentication script (, just wanted to run this by the community to make sure this is the correct approach.

Thank you!