Single backend - multiple clients

Hello Keycloak masters,

I have a single backend that servers two applications (keycloak clients) and each has a different role. For example first role is customer who has access to webshop related endpoints while second client is admin app which has access to purchase orders and stuff client 1 (webshop) should not have access to.

And I don’t understand how can I implement that. Any suggestion would be more than welcome.

Basically everything needed is described here:

Cheers everyone.