Scoping Impersonation


I am trying to map a set of users that can be impersonated to a specific set of clients who can impersonate them. Currently I see that I can define which users can be impersonated, and separately which clients can impersonate. But, this still allows any clients who can impersonate to impersonate any users that can be impersonated.

For example here is what I want to try to set up:
There are 2 users: user1 and user2;
There are 2 clients: client1 and client2;

I want to allow user1 only be impersonated by client1, and user2 to only be impersonated by client2.

I am trying to do this in order to allow an internal service to scope itself to a particular user when it acts since I am following the principle of least privilege, but much of what I read talks about allowing the internal service to act on any resource which I think is a bad idea. Impersonation was a way I envisioned scoping for this scenario could work, but if there is a better way I would also love to learn!

1 Like