Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Keycloak Realm VS Keycloak Client

Tags:

I am recently working on Keycloak 6.0.1 for SSO for authentication for multiple applications in organisation. I am confused in difference between clients and realm.

If I have 5 different application to be managed for SSO then do I have to create 5 different clients or 5 different realm ?

If I say I have to create 5 different Clients under 1 realm then could I execute different authentication flow for different client in same realm ?

like image 671
Rohan Kadu Avatar asked Jun 12 '19 11:06

Rohan Kadu

2 Answers

According to Keycloak documentation

  1. Realm - A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.

  2. Clients are entities that can request Keycloak to authenticate a user. Most often, clients are applications and services that want to use Keycloak to secure themselves and provide a single sign-on solution. Clients can also be entities that just want to request identity information or an access token so that they can securely invoke other services on the network that are secured by Keycloak.

For your scenario you can create 5 different clients under one realm. Keycloak provides out of the box support for Single Sign On. For more information refer to Keycloak documentation keycloak documentation link

like image 95
Santhoopa Jayawardhana Avatar answered Sep 17 '22 01:09

Santhoopa Jayawardhana

The core concept in Keycloak is a Realm. A realm secures and manages security metadata for a set of users, applications, and registered oauth clients. Users can be created within a specific realm within the Administration console. Roles (permission types) can be defined at the realm level and you can also set up user role mappings to assign these permissions to specific users.

http://www.mastertheboss.com/jboss-frameworks/keycloak/introduction-to-keycloak

Generally talking, a client represents a resource which some users can access. Keycloak's built in clients are for keycloak internal use.

Example for an application could be any mobile application. Client can be a simple REST API.

like image 22
lowmath Avatar answered Sep 18 '22 01:09

lowmath
Sign in to Comment

Related questions

How run build task automatically before debugging in Visual Studio Code?
Converting newtonsoft code to System.Text.Json in .net core 3. what's equivalent of JObject.Parse and JsonProperty
How to normalize a private key stored on AWS secrets manager
Azure devops users cant see repos even though they have full read/contribute permissions. How could we fix?
Difference between multiprocessing, asyncio and concurrency.futures in python
Streaming files and moving them after read
Method/Sub Binding In Raku
Why is there no overload for printing `std::byte`?
sizeof() equivalent for reference types?
Uninstall Mono from Mac OS X v10.5 Leopard
Cookies and subdomains
Multiple domains for one site: alias or redirect?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!