Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-13919

For Remote API; Impersonate or Become User or Logon As Feature

XMLWordPrintable

    • 0
    • 0
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Hello,
      I can't search the confluence as an user from my applications. Because there isn't the feature of become user, vs. This blocks the integration processes. My main goal is providing a small dashboard view (specially recent updated section) from our portal application to users with a portlet. I know admin password of the confluence, but i can't get user's passwords from portal server and shouldn't be get, i know user's user name and know that user logged in the portal application with their correct credentials.
      So, like many other applications; Become user, impersonate, Logon as feature for remote API would be appreciated.

      I hope that i've explained clearly.
      Regards,

            [CONFSERVER-13919] For Remote API; Impersonate or Become User or Logon As Feature

            Applications Unit added a comment -

            I have a need for this too.  I'd like impersonation added to the search API.

            We have areas of Confluence segregated for various teams. It is our main information repository and some info is considered sensitive so a user must be authenticated to access only data relevant to them.

            In an application we run a search on behalf of a user using the /rest/searchv3/1.0/search API and we authenticate using admin credentials. Our issue with using the current API in this way is it will return search results the user should not have access to.

            The ideal solution is for our search to authenticate to Confluence using an admin account, and take a query parameter similar to run-search-as-user=bobx so only appropriate results are returned to the user.

            Applications Unit added a comment - I have a need for this too.  I'd like impersonation added to the search API. We have areas of Confluence segregated for various teams. It is our main information repository and some info is considered sensitive so a user must be authenticated to access only data relevant to them. In an application we run a search on behalf of a user using the /rest/searchv3/1.0/search API and we authenticate using admin credentials. Our issue with using the current API in this way is it will return search results the user should not have access to. The ideal solution is for our search to authenticate to Confluence using an admin account, and take a query parameter similar to run-search-as-user=bobx so only appropriate results are returned to the user.

            Sherif Mansour added a comment -

            If implemented, this should be part of CONF-6786. Impersonation should happen at both a GUI level as well as through the remote API.

            Sherif Mansour added a comment - If implemented, this should be part of CONF-6786 . Impersonation should happen at both a GUI level as well as through the remote API.

            Marc Elliott added a comment -

            This is a real deficiency that prevents us from creating new applications for the distributions of Confluence-based content.

            Marc Elliott added a comment - This is a real deficiency that prevents us from creating new applications for the distributions of Confluence-based content.

              Unassigned Unassigned
              932ceab19765 Mustafa Yorukoglu
              Votes:
              8 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: