We will need the capability of impersonating a child user (at any depth level) for supporting actions.
I'm guessing that adding an extra param when authenticating as parent user, indicating which child user to impersonate could be enough. From that point on, that session belongs to the child user, so any interaction with a service would be done as if the child user was the one performing the action.
We will need the capability of impersonating a child user (at any depth level) for supporting actions.
I'm guessing that adding an extra param when authenticating as parent user, indicating which child user to impersonate could be enough. From that point on, that session belongs to the child user, so any interaction with a service would be done as if the child user was the one performing the action.