Summary
Today, it isn't clear how to best configure Spring Security to support a multi-tenant OAuth2 client.
Here is an example of one approach out in the wild:
https://github.com/thomasdarimont/spring-boot-2-keycloak-oauth-example/blob/feature/mulit-tenancy/src/main/java/demo/SpringBoot2App.java#L127
Though whether JwtDecoder is the ideal place and how tenants might possibly be treated in a more first-class way is yet to be seen. Opening this issue to get the conversation started.
Summary
Today, it isn't clear how to best configure Spring Security to support a multi-tenant OAuth2 client.
Here is an example of one approach out in the wild:
https://github.com/thomasdarimont/spring-boot-2-keycloak-oauth-example/blob/feature/mulit-tenancy/src/main/java/demo/SpringBoot2App.java#L127
Though whether
JwtDecoderis the ideal place and how tenants might possibly be treated in a more first-class way is yet to be seen. Opening this issue to get the conversation started.