The following steps describe how to set up Keycloak as your IDP for a multi-tenant application. If you want to quickly set up and run a local Keycloak instance, you can easily do this with this docker-compose.yml file.
Start the Keycloak instance with docker-compose up -d and go to http://localhost:9090/admin to log in to the Admin UI (use the configured admin credentials from the .env file).
In the following steps, we will set up two tenants: tenant 1 and tenant 2. We will add two users for each tenant (alice and alex for tenant 1, bob and bella for tenant 2).
Login
Create realm tenant-1
Create client app
Create role user
Create group users
Assign user role mapping to group users
Create users alice and alex
Now that we have set up the structure for tenant 1, we need to repeat the same steps for setting up tenant 2. We can follow the above steps in the same way to set up the tenant-2 realm with the users bob and bella.
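The same structure can also be written as Keycloak realm import files, which keeps both tenants identical instead of relying on repeated manual steps. This is an added example, not part of the original post; it assumes user is a realm role, leaves the client settings the post does not state to Keycloak's defaults, and uses a constructed placeholder password and hypothetical output file names.

```python
import json

# Tenant layout taken from the post.
TENANTS = {
    "tenant-1": ["alice", "alex"],
    "tenant-2": ["bob", "bella"],
}
PLACEHOLDER_PASSWORD = "CHANGE-ME"  # constructed value, replace before import


def build_realm(realm_name, usernames):
    """Return a Keycloak RealmRepresentation dict mirroring the manual steps."""
    return {
        "realm": realm_name,
        "enabled": True,
        # "Create client app": redirect URIs and flow settings are not given
        # in the post, so they are left to Keycloak's defaults here.
        "clients": [{"clientId": "app", "enabled": True}],
        # "Create role user" (assumed to be a realm role).
        "roles": {"realm": [{"name": "user"}]},
        # "Create group users" and "Assign user role mapping to group users".
        "groups": [{"name": "users", "realmRoles": ["user"]}],
        # "Create users": each user joins the group and inherits the role.
        "users": [
            {
                "username": name,
                "enabled": True,
                "groups": ["/users"],
                "credentials": [
                    # temporary=True forces a password change at first login.
                    {"type": "password", "value": PLACEHOLDER_PASSWORD,
                     "temporary": True}
                ],
            }
            for name in usernames
        ],
    }


def build_all(tenants=TENANTS):
    """One realm document per tenant, so both tenants get the same structure."""
    return {name: build_realm(name, users) for name, users in tenants.items()}


if __name__ == "__main__":
    for name, realm in build_all().items():
        with open(f"{name}-realm.json", "w") as fh:  # hypothetical file names
            json.dump(realm, fh, indent=2)
```

Each generated file can be uploaded as the resource file when creating a realm in the Admin UI, or placed in Keycloak's import directory and loaded at startup with --import-realm.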
Conclusion
This post has shown how to set up Keycloak and prepare it for use in a multi-tenant environment. To see how to integrate Keycloak with a multi-tenant Spring app, check out the post How to make your multi-tenant Spring app production-ready.