keycloak-scim/topics/users/impersonation.adoc

28 lines
1.4 KiB
Text
Raw Normal View History

2016-05-16 13:54:17 +00:00
=== Impersonation
It is often useful for an admin to impersonate a user. For example, a user may be experiencing a bug in one of your applications and
an admin may want to impersonate the user to see if they can duplicate the problem. Admins with the appropriate permission
can impersonate a user. There is two locations an admin can initiate impersonation. The first is on the `Users` list tab.
.Users
image:../../{{book.images}}/user-search.png[]
You can see here that the admin has searched for `jim`. Next to Jim's account you can see an impersonate button. Click that
to impersonate the user.
Also, you can impersonate the user from the user `Details` tab.
.User Details
image:../../{{book.images}}/user-details.png[]
Near the bottom of the page you can see the `Impersonate` button. Click that to impersonate the user.
When impersonating, if the admin and the user are in the same realm, then the admin will be logged out and automatically logged
in as the user being impersonated. If the admin and user are not in the same realm, the admin will remain logged in, but additionally
be logged in as the user in that user's realm. In both cases, the browser will be redirected to the impersonated user's User Accoutn Management
page.
Any user with the realm's `impersonation` role can impersonate a user. Please see the <<fake/../../admin-permissions.adoc#_admin-permissions,Admin Permissions>> chapter
for more details on assigning administration permissions.