keycloak-scim/server_admin/topics/realms/master.adoc

19 lines
1.2 KiB
Text
Raw Normal View History

2016-05-13 14:41:36 +00:00
= The master realm
In the Admin Console, two types of realms exist:
2016-05-13 14:41:36 +00:00
* `Master realm` - This realm was created for you when you first started {project_name}. It contains the administrator account you created at the first login. Use the _master_ realm only to create and manage the realms in your system.
* `Other realms` - These realms are created by the administrator in the master realm. In these realms, administrators manage the users in your organization and the applications they need. The applications are owned by the users.
.Realms and applications
image:../../../getting_started/images/master_realm.png[Realms and applications]
Realms are isolated from one another and can only manage and authenticate the users that they control. Following this security model helps prevent accidental changes and follows the tradition
of permitting user accounts access to only those privileges and powers necessary
for the successful completion of their current task.
2016-05-13 14:41:36 +00:00
.Additional resources
* See <<_per_realm_admin_permissions, Dedicated Realm Admin Consoles>> if you want to disable the _master_ realm and define administrator accounts within any new realm you create. Each realm has its own dedicated Admin Console that you can log into with local accounts.