Understanding Multi-Tenancy Options in Keycloak
As more companies build SaaS platforms, the need to serve multiple customer groups—or tenants—from a single system becomes critical. In the identity world, this means implementing multi-tenancy within your identity provider.
In this post, we’ll walk through:
- What multi-tenancy means in Keycloak
- The drawbacks of using multiple realms for tenants
- Why organizations are a better, more scalable approach
- How the Phase Two Organizations extension supports advanced use cases like theming, shared IdPs, and user membership
- How our implementation differs from (and improves on) the new native Keycloak organizations feature
We've written extensively about how to model multi-tenancy with organizations and how Phase Two's Organizations extension differs from the native implementation being undertaken by the Keycloak team.
All of Phase Two's hosted environments come standard with all of our popular extensions to make it easy to hit the ground running and cover 95% of all IAM use-cases.