keycloak-scim/server_admin/topics/users/impersonation.adoc
2021-09-21 08:58:46 +02:00

18 lines
1.1 KiB
Text

[id="con-impersonating_{context}"]
=== Impersonation
It is often useful for an admin to impersonate a user. For example, a user may be experiencing a bug in one of your applications and an admin may want to impersonate the user to see if they can duplicate the problem. Admins with the appropriate permission can impersonate a user.
Any user with the `impersonation` role in the realm can impersonate a user.
image:{project_images}/user-details.png[]
When impersonating, if the admin and the user are in the same realm, then the admin will be logged out and automatically logged
in as the user being impersonated. If the admin and user are not in the same realm, the admin will remain logged in, but additionally be logged in as the user in that user's realm. In both cases, the browser will be redirected to the impersonated user's User Account Management page.
There are two locations an admin can initiate impersonation. The first is on the `Users` list tab.
.Additional resources
For more information on assigning administration permissions, see the <<_admin_permissions,Admin Console Access Control>> chapter.