[keycloak-user] Impersonate
Bill Burke
bburke at redhat.com
Thu May 5 08:39:50 EDT 2016
This was really only implemented to run in the admin console for browser
applications. The behavior depends on what realm the user and
admin/impersonator is in. If the user is NOT in the master realm and
the impersonator IS in the master realm, then a brand new session is
created and the admin remains logged in. That allows them to switch
between being an admin and the user in the same browser session. If the
user and impersonator are in the same realm, then the admin is logged
out and logged in as the user.
On 5/5/2016 4:14 AM, Daniele Bonetto wrote:
> Hi guys,
>
> i have a little confusion about how impersonate works in Keycloak.
>
> I saw there's a impersonate API that can be called with impersonate
> privileges.
> I expected when called the API in some ways changes current logged user
> session data with impersonated user informations, but seems nothing will
> change in keycloak sessions neither returns the changed tokens and the
> current user sessions seems still alive.
>
> I also checked keycloak.js to find some method that allows me to call
> impersonate API from my webapp to allow our operators to access as users.
>
> Can someone help me please?
>
> Best regards,
> Daniele Bonetto
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160505/f886ab0d/attachment.html
More information about the keycloak-user
mailing list