upachler
commented
7 years ago I don't see user management and login as the scope of the HAL browser. In my project I moved the HAL browser into a server path requiring authentication, same as the REST API - and now they share the user management. Because all calls that the HAL browser makes are done in the context of the current session, the REST services see that session as well and can act accordingly.
So ultimately, changing users is up to your application, and not the HAL browser
shadd-anderson
When manually testing an API, it can be useful to change pre-loaded users to test different functionalities. For instance, testing whether only an "admin" can create an object, where a generic "user" cannot.