8000
Receiving impersonator details in impersonation tokens for logging user actions · keycloak keycloak · Discussion #40887 · GitHub
More Web Proxy on the site http://driver.im/
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I’m migrating my app’s custom impersonation logic to Keycloak’s built‑in impersonation.
When Keycloak issues an access token for the impersonated user I lose track of who initiated the impersonation and which actions were performed under impersonation.
For audit purposes I need to flag impersonated requests and log both the impersonated user’s ID and the original (impersonator) user’s ID in our existing schema.
Does Keycloak include the impersonator’s identity in the token payload by default, or is there a recommended SPI or TokenEnhancer extension to inject a custom “impersonator” claim? Any pointers or example configurations would be greatly appreciated. Thank you!
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hi everyone!
I’m migrating my app’s custom impersonation logic to Keycloak’s built‑in impersonation.
When Keycloak issues an access token for the impersonated user I lose track of who initiated the impersonation and which actions were performed under impersonation.
For audit purposes I need to flag impersonated requests and log both the impersonated user’s ID and the original (impersonator) user’s ID in our existing schema.
Does Keycloak include the impersonator’s identity in the token payload by default, or is there a recommended SPI or TokenEnhancer extension to inject a custom “impersonator” claim? Any pointers or example configurations would be greatly appreciated. Thank you!
Beta Was this translation helpful? Give feedback.
All reactions