Using Keycloak for a multi-tenant app that uses subdomains for its tenants

Getting advice
1

Hello!

I’m trying to set up Keycloak in a multi-tenant environment, where each tenant is accessing the same app through a subdomain i.e. customer1.myapp.com and customer2.myapp.com etc.

As you can’t currently use a wildcard for the subdomain in the Redirect URI for the client (this would be ideal), I am instead trying to set up a redirect URI that then will redirect you to the correct subdomain similar to how it is done in this guide, where dispatch.myapp.com/* is the redirect URI.

However, I’m using react-keycloak package which seems expect the url I’m on i.e. customer1.myapp.com to match the redirect URI, and I’m getting a invalid redirect URI error…

What is the recommended way to implement Keycloak across multiple subdomains for the same app? Any clues appreciated :slight_smile:

Thanks!

3 Likes
2

Did you happen to find a solution to this issue? I’m running into the same situation. Thanks!

3

I ended up adding Redirect URI’s for every tenant, using the Keycloak API to do it programatically whenever a tenant is added or when they change their subdomain.

A bit cumbersome but works.

1 Like
4

Thanks so much for the info. My colleague and I were just discussing this and came up with the same solution. It’s reassuring to find that we came to the same conclusion.

1 Like
5

Hi,
How did you handle the multi-tenancy on the Keycloak side? (Not redirection but the architectural flow)