This article shows how to configure the representer side of the user representation feature in the Loginapp REST API.
Overview
The user representation feature involves two Airlock IAM instances:
- The representer side
- The representee side
Important conceptual information about the user representation feature can be found in User representation.
This configuration instruction is about the representer side only.
On the representer IAM two protected self-service flows are configured:
- A flow to start user representation
- A flow to stop user representation
Prerequisites
- An authentication flow for the representer must exist.
- Either of the license bundles IDM or AVALOQ must be licensed.
Instructions
- Go to:
- Create a new flow with flow ID start-user-representation.
- Add the step Start User Representation Step and configure it. Please refer to the plugin documentation in the Config Editor for further information. Note that the default ticket lifetime is 5 seconds.
- Create a new flow with flow ID stop-user-representation.
- Add the step Stop User Representation Step and configure it. Please refer to the plugin documentation in the Config Editor for further information. Note that no interactive steps may be configured after the Stop User Representation Step.
- Review or adapt access control settings in the IAM Adminapp.
Go to: Adminapp >> Access Control (section Authentication Token Management) - Activate the configuration.
- The representer side of the user representation feature is now configured in the Loginapp REST API.
Loginapp >> Protected Self-Services >> Protected Self-Service Flows
Further information and links
- Conceptual information: User representation
- User representation: representer configuration in the Loginapp UI