[keycloak-user] User impersonation from Javascript adapter

Gianluca Frediani gianluca.frediani at outlook.com
Thu May 31 11:18:15 EDT 2018


Hi all,
I'm trying to use the impersonation feature of Keycloak from a web application using the Javascript adapter.

The idea is that a user (with the impersonation permission) can specify a user id of another user, click a button, and then he navigates the web application as the specified user (this is similar to what happens when you click "Impersonate" on the Admin Console).

I haven't found any example of how to implement this feature, and I haven't found any specific method in the Javascript adapter. The best solution I've have found so far is to call the token exchange API, obtain new tokens, and then call again the init method of the keycloak instance. However, this is only working when the checkLoginIframe is disabled. If the iframe is present the user is logged out and redirected to the login page.

I just want to know if there is a better way to do implement this feature, and I think that should be nice to have a working example. Furthermore, it would be nice to have a "impersonate" method directly on the keycloak adapter that performs all the required operations (call the token exchange API, re-sets all tokens, and so on). For the last point I can contribute if necessary.

Regards,
Gianluca



More information about the keycloak-user mailing list