[keycloak-user] User impersonation - JWT
Harry Trinta
harrytpc at gmail.com
Tue Jul 5 08:47:07 EDT 2016
Stian, thanks for the reply!
There is no service to retrieve a token passing the cookies as a parameter?
I was looking at TokenEndpoint.java, but I have not found a way.
Thanks
2016-07-05 3:33 GMT-03:00 Stian Thorgersen <sthorger at redhat.com>:
> The impersonation feature we have logs the admin in as the impersonated
> user rather than generate tokens. We decided on this approach as it would
> be transparent to applications and they wouldn't need to build-in special
> impersonation. What you want is not possible at the moment, but you can
> create a JIRA feature request for it. It would have to be a community
> contribution if you want it added in a timely manner.
>
> On 4 July 2016 at 18:52, Harry Trinta <harrytpc at gmail.com> wrote:
>
>> Dears,
>>
>>
>>
>> I need a help with user impersonation on keycloak.
>>
>>
>>
>> I am authenticating users through the
>> "/realms/test/protocol/openid-connect/token". As expected, it returns a
>> token JWT.
>>
>> In my app, all requests go through apiman, which validates the JWT.
>>
>>
>>
>> Now, I need to personification of user. I'm calling the service
>> "/admin/realms/test/users/USER_ID/impersonation", sending the token in the
>> header (Authorization = Bearer eyJhbGciOiJSUzI1NiJ9 ...).
>>
>> The service /impersonation creates the user session on keycloak, however
>> doesnt return a JWT, but 3 cookies. *I'd like to get the JWT of
>> personified user instead of cookie.* It's possible?
>>
>>
>>
>> Best regards
>>
>> Harry Costa
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160705/56fbb754/attachment.html
More information about the keycloak-user
mailing list