Home » Community » Developer Space » Telligent Evolution Platform Discussion » Stop Impersonating through Widget API or REST API.

Stop Impersonating through Widget API or REST API.

Open Support Ticket

Call Support:
Direct: (214) 420-1337
Toll Free: (877) 522-6334

Monday through Friday
8 a.m. to 6 p.m. Central (GMT-6)

Join our Community
Details
  • 3 Replies
  • 0 Subscribers
  • Posted8 months ago
Options

Stop Impersonating through Widget API or REST API.

This question has suggested answer(s)
nickjo
Posted by
on Fri, Aug 31 2012 11:49 AM

Hello,

Can I stop Impersonating through widget API or custom code.

Thanks,

Nick
All Replies
  • Michael Monteleone
    Posted by
    on Fri, Aug 31 2012 2:23 PM
    Suggested Answer

    Hi Nick,

    Can you explain a little more about what you're building?  The Widget API actually does *not* support impersonation, and only runs as the accessing user who is viewing the site.  If you would like to impersonate a different user, the REST API supports this, as long as the actual user making the REST requests has the "Site_ImpersonateUser" permission.

    Here's some details about REST impersonation:

    telligent.com/.../how-to-authenticate-through-platform-apis.aspx

    telligent.com/.../1069801.aspx

    Thanks,

    Michael
  • nickjo
    Posted by
    on Mon, Sep 3 2012 8:14 AM

    Hi Michael,

    Actually I have created a custom plugin to delete the user account. Delete User  REST API requried Site-Manage Membership permission but I dont want to give Site-Manage Membership permission for all the site users.

    So before delete user REST API I am impersonating user to the admin user and executes DELETE USer REST API.  After deleting user I want to change stop the impersonating user.

    Can we override the CSContext object  back to its previous value?

    Thanks,

    Nick
  • Michael Monteleone
    Posted by
    on Tue, Sep 4 2012 5:13 PM

    Unfortunately, in 6.x, impersonation isn't supported for the in-process Platform APIs, and only for REST.  What kind of plugin type is this?  Is this potentially a solution which could run out of process as a user with the necessary permissions?  Perhaps as a scheduled job?