We have a SaaS application that puts every client in their own tenant (realm) in keycloack. All tenant users are in their corresponding client (tenant) realm.
Each tenant work on projects, files, tasks, messages within their own tenant (for all the users).
The requirement is to implement a way to achieve the following:
1. A user in tenant A invites a user in tenant B to collaborate on a project xyz.
2. User in tenant B accepts the invite and now can see the objects (files, tasks, messages) that belong to project xyz in tenant A.
3. Achieve this with no loss of security and privacy.
4. Full control remains within tenant A hands.
We can think of this as inviting external collaborators in Asana, Github, Figma, and so on.
If you have experience in keycloack and believe you can implement this for us, please let us know by sending a proposal with brief plan.