Re: [OAUTH-WG] user impersonation protocol?

2015-02-16 Thread Mike Jones
Denniss; Justin Richer; Bill Burke; oauth Subject: Re: [OAUTH-WG] user impersonation protocol? Straight impersonation with no limitations isn't a good solution in the long run. On Monday, February 16, 2015 1:13 PM, William Denniss mailto:wdenn...@google.com>> wrote: I led a discussion o

Re: [OAUTH-WG] user impersonation protocol?

2015-02-16 Thread Bill Mills
nilla OAuth) or if you really do need impersonation. You may be able to get the desired results with less complexity that way. -- Justin / Sent from my phone / Original message From: Bill Burke Date:02/16/2015 10:20 AM (GMT-05:00) To: Bill Mills , Justin Richer , oauth

Re: [OAUTH-WG] user impersonation protocol?

2015-02-16 Thread Bill Mills
t from my phone / Original message From: Bill Burke Date:02/16/2015 10:20 AM (GMT-05:00) To: Bill Mills , Justin Richer , oauth Cc: Subject: Re: [OAUTH-WG] user impersonation protocol? Yeah, I know its risky, but that's the requirement.  Was just wondering if there was any prot

Re: [OAUTH-WG] user impersonation protocol?

2015-02-16 Thread Justin Richer
:02/16/2015 10:20 AM (GMT-05:00) To: Bill Mills , Justin Richer , oauth Cc: Subject: Re: [OAUTH-WG] user impersonation protocol? Yeah, I know its risky, but that's the requirement. Was just wondering if there was any protocol work being done around it, so that we could avoid doing

Re: [OAUTH-WG] user impersonation protocol?

2015-02-16 Thread Bill Burke
st considering adding a custom claim to the id token to indicate this is taking place. That way you can differentiate where needed, including in logs. -- Justin / Sent from my phone / Original message From: Bill Burke Date:02/15/2015 10:55 PM (GMT-05:00) To: oauth Cc: Subject:

Re: [OAUTH-WG] user impersonation protocol?

2015-02-15 Thread Bill Mills
stin / Sent from my phone / Original message From: Bill Burke Date:02/15/2015 10:55 PM (GMT-05:00) To: oauth Cc: Subject: [OAUTH-WG] user impersonation protocol? We have a case where we want to allow a logged in admin user to impersonate another user so that they can visit differe

Re: [OAUTH-WG] user impersonation protocol?

2015-02-15 Thread Justin Richer
PM (GMT-05:00) To: oauth Cc: Subject: [OAUTH-WG] user impersonation protocol? We have a case where we want to allow a logged in admin user to impersonate another user so that they can visit differents browser apps as that user (So they can see everything that the user sees through their browse

[OAUTH-WG] user impersonation protocol?

2015-02-15 Thread Bill Burke
We have a case where we want to allow a logged in admin user to impersonate another user so that they can visit differents browser apps as that user (So they can see everything that the user sees through their browser). Anybody know of any protocol work being done here in the OAuth group or s