I want to create 2 tenants in a single realm with complete isolation so that one tenant admin can only see/manage his users and not the other tenants . What would be the best way to achieve this ?

I am using Keycloak v25.
The caller will set “audence” in the token request.

I am using Keycloak version 25 but have difficulties in setting up custom scopes.
What I need is to have JWT token with custom scopes like

I’m upgrading Keycloak to version 21.

I’m trying to create a new idp for my purposes.
I created all, it get shown on “identity providers” and i can enable it, so on login screen i see my new Idp.
I implemented “performLogin” to do a redirect to my service, then my service redirect back to keycloak with some query data that i will read on “callback” implemented as “Endpoint”.
I can get all i need from “callback”, i can create a new user from that, assign a role etc
What i’m missing is to authenticate the user:

White creating the group in keycloak, I want to pre-define the group attribute keys so that admin need not enter group keys while creating the group for every group. He will only need to enter the group attribute value.
Is there any way to achieve this in latest keycloak?

version upgrading from 10.0.2 to 24.0.3;

I have a custom login with recaptcha flow on Keycloak, and I have replaced the usual browser flow in the Keycloak admin dashboard with this one. Here’s the code for the custom class I’m using

After setting email address to Admin account(bad idea), i have not been able to log in via Web, it asks to Verify email address but that verification is not sent.