Passing session token generated by impersonate API

alxsbn · September 8, 2020, 10:20am

Hello,

I have a particular setup with 2 keycloak servers :

server A : contains users and expose a specific client
server B : using server A as an identity provider.

Then I have a app which :

need to use the impersonate API of server A to generate a session token (OIDC) in the name of a user
then redirect to server B

When the redirection is done, the session token is lost (whatever the method).

The main idea is to fake the connectivity of a user and avoid to ask for login/password.
Do you have an idea of what need to be fixed to achieve this ?

Thanks in advance

Topic		Replies	Views
OAuth2 IDP instead of OIDC Configuring the server authentication , identity-brokering , oidc	1	1146	October 3, 2020
Serving access tokens to users already logged in with third party identity provider Getting advice authentication , oidc	0	451	April 7, 2022
Creating API token for server-to-server requests Getting advice	2	1473	February 1, 2020
Keycloak as identity provider	0	374	April 13, 2020
Support for id_token_hint to avoid login flow again Getting advice oidc	2	1841	February 13, 2021

Passing session token generated by impersonate API

Related Topics