In case of client credentials grant in the authorized access use case, a client application impersonates a user that has authorized access to 1-to-n server applications. See also Client Credentials Grant - SSO.
Impersonation is configured as a specific link between the application and the user.
NOTE that if there is an impersonation link between an application and impersonates a user the user cannot be which is deleted from the system until also the link has been removedwill be removed. A new user must be linked to the application to make client credentials grant authorized access use case functional again.
About SSO Management API in general, see Management API - SSO.
...
Manage impersonation from user side
Link name: impersonatedBy
A The same user may have one-to-many impersonatedBy
links to an applicationseveral applications.
Method | Example request | Example response | Description | ||
---|---|---|---|---|---|
GET |
| When there is a link to both
| Get the applications linked to the given user with an | ||
PUT |
|
| Create or update the link from user to an application. No action if a link between the given user and application already exists. If another application name is given an existing | ||
DELETE |
|
| Remove the link from user to the application. |
...