User representation: representer configuration in the Loginapp REST API

This article shows how to configure the representer side of the user representation feature in the Loginapp REST API.

The user representation feature involves two Airlock IAM instances:

• The representer side
• The representee side

Important conceptual information about the user representation feature can be found in User representation.

This configuration instruction is about the representer side only.

On the representer IAM two protected self-service flows are configured:

• A flow to start user representation
• A flow to stop user representation

• An authentication flow for the representer must exist.
• Either of the license bundles IDM or AVALOQ must be licensed.

1. Go to:

Loginapp >> Protected Self-Services >> Protected Self-Service Flows

2. Create a new flow with flow ID start-user-representation.
3. Add the step Start User Representation Step and configured it. Please refer to the plugin documentation in the Config Editor for further information. Note that the default ticket lifetime is 5 seconds.
4. Create a new flow with flow ID stop-user-representation.
5. Add the step Stop User Representation Step and configured it. Please refer to the plugin documentation in the Config Editor for further information. Note that no interactive steps may be configured after the Stop User Representation Step.
6. Review or adapt access control settings in the IAM Adminapp.
   Go to: Adminapp >> Access Control (section Authentication Token Management)
7. Activate the configuration.
8. The representer side of the user representation feature is now configured in the Loginapp REST API.

• Conceptual information: User representation
• User representation: representer configuration in the Loginapp REST UI