DEV Community

loading...

Discussion on: Join realms with user federation

Collapse
roxchgt profile image
Roshak Zarhoun

Hi Haris,
have you found any solution to this? I'm dealing with exact same setup and would like to hear how you've eventually solved this

Collapse
greenroommate profile image
Haris Secic Author

Sadly no. You would have to write yourown plugin. So far in prototype we use 1 Realm which has all users and they are devided in groups. Separate realms will be made for each client to prevent access from main one in other external apps. However we also consider building a proxy middleware which will inspect token, lookup our databases for privileges or decide based on access token claims and either forward request or throw 401 403 404 depending on security level. However middleware requires that the external apps can only be accessed through VPN which proxy would be in but also expose 1 endpoint to rest of the world. So only way into ecternal apps would be proxy connected to keycloack filtering network with additional rules.