Impersonate a given user.Deprecated

Use this operation to request an access token to perform other API operations that require authorization.

The authentication response includes an accessToken which is used as the AccessToken request header when performing any authenticated operation.

This operation will also accept the previous authentication response as the request payload to return a refreshed access token. The access token expires after 1 hour and must be refreshed after expiration, using the included refreshToken. The refresh token can be used for up to 30 days to request new access tokens, or until the refresh token is revoked. Once the refresh token expires or is revoked, the user credentials must be provided again to generate a new access token and refresh token.

SecurityApiKeyAuth or BasicAuth
Request
header Parameters
X-API-Key
required
string

Customer-specific API key required to invoke API.

Authorization
required
string

Provided by Authentication Token creation operation

AccessToken
required
string

JWT token provided by Authentication Token creation operation.

Content-Type
required
string
Value: "application/json"
Request Body schema: application/json
required

The Request Body must be a JSON-formatted string.

The following parameters are required to request an access token:

  • username

  • The credentials obtained after invoking this API will not be able to refresh tokens

username
string

Use in new token request

Responses
200

Successful operation

400

Bad request

401

Unauthorized

403

Forbidden

422

Pre Conditions Failed

post/auth/impersonate
Request samples
application/json
{
  • "username": "user-name"
}
Response samples
application/json
{
  • "endpointUrl": "https://endpoint.url/v1",
  • "clientId": "12345abc",
  • "userPoolId": "us-east-1_123456789",
  • "username": "username",
  • "password": "",
  • "session": {
    }
}