Impersonate a user


I’m trying to impersonate a user by API.

I’m using a realm “my_realm”, not a master realm.

My user has all the roles of the client Realm-management and role impersonation.

ok, on the browser using ajax

  1. I get a token for user with role to impersonate

  2. I invoke api to impersonate with the previous token.

In the response headers i get new KEYCLOAk_IDENTITY AND KEYCLOAK_SESSION and redirect to auth/realms/smart2m/account/applications

  1. When i redirect to auth/realms/smart2m/account/applications
    the status code is a 302 and a cookie OAuth_Token_Request_State path /auth/realms/smart2m/account/login-redirect. And sometimes a empty KEYCLOAk_IDENTITY AND KEYCLOAK_SESSION cookies and i need to login again.

What am I doing wrong?
What is the correct flow? do i need more permissions?

Thanks in advance.

1 Like

Hi @Yvan,

Were you able to figure this out?

I am also having a similar problem and just asked a question on this forum: Impersonate a User Via Keycloak API?

@edgewoodsoftware @Yvan Hello, I am facing the same issue in my react.js typescript project.
I am using keycloak-admin-client( in my project. there is a function to impersonate, and it’s returning the following.
{redirect: ‘…’, sameRealm: false}
I tried to open the URL of redirect in the new tab, but it’s redirecting to the login page.
did you solve the issue?