[keycloak-user] User impersonation - JWT

Stian Thorgersen sthorger at redhat.com
Tue Jul 5 02:33:30 EDT 2016


The impersonation feature we have logs the admin in as the impersonated
user rather than generate tokens. We decided on this approach as it would
be transparent to applications and they wouldn't need to build-in special
impersonation. What you want is not possible at the moment, but you can
create a JIRA feature request for it. It would have to be a community
contribution if you want it added in a timely manner.

On 4 July 2016 at 18:52, Harry Trinta <harrytpc at gmail.com> wrote:

> Dears,
>
>
>
> I need a help with user impersonation on keycloak.
>
>
>
> I am authenticating users through the
> "/realms/test/protocol/openid-connect/token". As expected, it returns a
> token JWT.
>
> In my app, all requests go through apiman, which validates the JWT.
>
>
>
> Now, I need to personification of user. I'm calling the service
> "/admin/realms/test/users/USER_ID/impersonation", sending the token in the
> header (Authorization = Bearer eyJhbGciOiJSUzI1NiJ9 ...).
>
> The service /impersonation creates the user session on keycloak, however
> doesnt return a JWT, but 3 cookies. *I'd like to get the JWT of
> personified user instead of cookie.* It's possible?
>
>
>
> Best regards
>
> Harry Costa
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160705/fe680164/attachment.html 


More information about the keycloak-user mailing list