Impersonate Role
POST/api/v1/auth/impersonate
Start a role-impersonation session.
Requires admin.impersonate. Issues a fresh JWT carrying an
impersonated_role claim — the rest of the request lifecycle
(PermissionService, audit fan-out) honours it. The real user.role
column is never modified; impersonation lives entirely in the token.
Request
Responses
- 200
- 422
Successful Response
Validation Error