Realms related doubts in Keycloak Implementation

[Nilesh Ratta]

Hi Team,

At Present : 

I have a SAAS application which supports multiple accounts(customers) and we do support normal DB Authentication, SSO (SAML Protocol) for different accounts.

I mean some customer users use simple DB (userName and pwd) authentication and some customers have custom SSO (so those account users use their SSO authentication)

Requiremnt :

To remove authentication part out of the application. We wish to use Keycloak (so that it can handle normal DB authentication as well SSO authentication)

I have following doubts :

a) Do I need to have multiple realms one for default users and different realms for SSO accounts ??

b) Can I  secure my .ear   in my Wildfly with multiple realms defined in keycloak ??

c) Does Keycloak is a good approach for my requirement ?

Kindly provide your inputs so that I can take quick decision

Regards

Nilesh