REST API - impersonating user

I am using the REST API to retrieve/upload documents from a Web Application. I would like to use the Application user name (which matches the content server username) to act as this user.
Currently I am connecting with the admin user, but I would like to use the REST API with a user that has less rights. I created a Content Server User, but I cannot authenticate with this user.
1.) Does the REST API only allow connecting with the admin user? How can I connect with another user? What are the prerequisites for this user?
2.) Does the REST API support impersonation? (connecting via admin user and then act as another user)
3.) Does the SOAP API support this?

Thank you,
Hannes

Tagged:

Comments

  • Users with the login privilege can authenticate the REST API calls. Getting the ticket value for the OTCSTicket header by v1/auth:

    POST .../api/v1/auth
    username=myname&password=mypassword
    

    Users with the system administration privilege can impersonate other users:

    POST .../api/v1/auth
    username=myadmin&password=myadminpassword&impersonate_username=myname
    

    LAPI and SOAP WS support impersonation too.

  • I am getting 401 - Unauthorized: Access is denied due to invalid credentials.You do not have permission to view this directory or page using the credentials that you supplied.

    My Credentials are correct and I am getting the token if I remove the impersonate_username field. Please suggest if I need to add any patch here.