TeskaLabs / seacat-auth

SeaCat Auth provides authentication, authorization, identity management, session management and other access control features.

GNU General Public License v3.0

11 stars 6 forks source link

Impersonation REST API #210

Closed byewokko closed 1 year ago

byewokko commented 1 year ago

New `PUT /impersonate` endpoint

Creates impersonated root session and sends back a response with a Set-Cookie header.
Designed as a REST API endpoint. Unlike the POST endpoint, this one does not do any redirections. The redirection is expected to be done by the caller.

Impersonating superusers

Impersonating credentials with authz:superuser resource is now enabled, but the resource is excluded from the impersonated session.