I am recently working on Keycloak 6.0.1 for SSO for authentication for multiple applications in organisation. I am confused in difference between clients and realm.
If I have 5 different application to be managed for SSO then do I have to create 5 different clients or 5 different realm ?
If I say I have to create 5 different Clients under 1 realm then could I execute different authentication flow for different client in same realm ?
According to Keycloak documentation
Realm - A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.
Clients are entities that can request Keycloak to authenticate a user. Most often, clients are applications and services that want to use Keycloak to secure themselves and provide a single sign-on solution. Clients can also be entities that just want to request identity information or an access token so that they can securely invoke other services on the network that are secured by Keycloak.
For your scenario you can create 5 different clients under one realm. Keycloak provides out of the box support for Single Sign On. For more information refer to Keycloak documentation keycloak documentation link
The core concept in Keycloak is a Realm. A realm secures and manages security metadata for a set of users, applications, and registered oauth clients. Users can be created within a specific realm within the Administration console. Roles (permission types) can be defined at the realm level and you can also set up user role mappings to assign these permissions to specific users.
http://www.mastertheboss.com/jboss-frameworks/keycloak/introduction-to-keycloak
Generally talking, a client represents a resource which some users can access. Keycloak's built in clients are for keycloak internal use.
Example for an application could be any mobile application. Client can be a simple REST API.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With