This was really only implemented to run in the admin console for
browser applications. The behavior depends on what realm the user
and admin/impersonator is in. If the user is NOT in the master
realm and the impersonator IS in the master realm, then a brand new
session is created and the admin remains logged in. That allows
them to switch between being an admin and the user in the same
browser session. If the user and impersonator are in the same
realm, then the admin is logged out and logged in as the user.
On 5/5/2016 4:14 AM, Daniele Bonetto
wrote:
Hi guys,
i have a little confusion about how impersonate works in Keycloak.
I saw there's a impersonate API that can be called with impersonate
privileges.
I expected when called the API in some ways changes current logged user
session data with impersonated user informations, but seems nothing will
change in keycloak sessions neither returns the changed tokens and the
current user sessions seems still alive.
I also checked keycloak.js to find some method that allows me to call
impersonate API from my webapp to allow our operators to access as users.
Can someone help me please?
Best regards,
Daniele Bonetto
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com