This use case applies to an organization where employees with regular end-user accounts shall be enabled to access the Adminapp as realm administrators.
- The solution presented here has the following characteristics:
- The solution allows a regular end-user to obtain an SSO ticket that contains both roles and the realm value for the Adminapp.
- The Adminapp authenticates the administrator with the SSO ticket and limit access using roles and realm value from the SSO ticket.
- For an end-user to be authorized to obtain the SSO ticket, the user must have at least the useradmin role and may have the tokenadmin role.