As a USER_ADMIN user, it is possible to impersonate another user by adding the FT-Impersonate-User-Id header parameter, and assigning it a userId as value in selected web services.
This is possible in the following web services:
This can be useful to test access rules.
Example
In the following example, a cURL command uses the FT-Impersonate-User-Id header parameter:
curl --request POST 'https://doc.fluidtopics.com/api/khub/maps/search' \
--header 'Ft-Calling-App: antidot/doc' \
--header 'Ft-Calling-App-Version: master-48257' \
--header 'Authorization: Bearer kljJFLS45fdsar4asdrgKGjdfKJLSUON' \
--header 'Content-Type: application/json' \
--header 'FT-Impersonate-User-Id: 756e38ed-bbc2-447a-985c-f2c7cc50f4ef7' \
--data '{
"query": "API"
}'
The value of the FT-Impersonate-User-Id header parameter must match a userId provided by the Search users web service.
The USER_ADMIN must authenticate when impersonating another user.
Using the FT-Impersonate-User-Id header parameter can return the following error codes:
| Return code | Description |
|---|---|
200 OK |
The request is valid and data is returned. |
400 BAD REQUEST |
No user exists with this ID. |
401 UNAUTHORIZED |
The authorization header was not provided or is invalid. |
403 FORBIDDEN |
The user or API key does not have the ADMIN or USERS_ADMIN role. |