Hi everyone,
I’m currently working on setting up Keycloak with the Organisation feature to support a multi-tenant architecture, where users can be members of multiple Organisations.
One of the key requirements is that users should be able to self-register for a specific Organisation without requiring any admin intervention or unique invite links. After registration, Organisation administrators may later assign roles or permissions to the user.
Ideally, I’m looking for a solution that allows a generic registration link for each Organisation, which automatically associates the registering user with that Organisation.
Is this possible using the Organisation feature in Keycloak? Would using subdomains (e.g., org1.example.com, org2.example.com) be a viable approach to route users to the correct Organisation during registration? I think IDPs would not work, since user come from different email domains.
Any guidance or best practices on how to implement this would be greatly appreciated.
Thank you!
JS