Impersonation

[AienTech]

Hello,

I'm currently working on an application that uses the Mellon and Keycloak as the identity provider, using SAML for the authentication flow. I'm trying to implement an impersonation feature in my application that would allow a user with certain privileges (e.g. an administrator) to temporarily take on the identity of another user without requiring the original user to log out.

I'm wondering if it is possible to use the Mellon to implement this feature, and if so, what would be the best approach to do so. I've been reading through the Mellon documentation and searching online for examples, but so far I haven't been able to find much information on how to implement impersonation with Mellon.

If anyone has experience with using Mellon and Keycloak together and can provide some guidance or pointers on how to implement impersonation in this setup, I would really appreciate it.

Thank you for your time and help!

[thijskh]

Hi! Mod mellon does not in itself provide impersonation functionality. It will authenticate the user with the IdP and present the result to the application. Either the application itself can provide impersonation features (that is: use the result from the mellon auth to determine you are "admin", then in the local session provide some override metchanism for the displayed user), or perhaps keycloak could do this, meaning different user data would be presented to mellon from the keycloak idp. Mellon will just be passing this along as regular.