AurionAI Docs

Impersonate Tenant

Issue a short-lived tenant_admin JWT scoped to the target tenant. Issue #347 Gap E: The ``sub`` claim in the impersonation JWT is the super-admin's user UUID — NOT a user in the target tenant. This is intentional: it preserves attribution in audit logs and allows cross-referencing with the ``impersonated_by`` claim (super-admin email). Downstream code should not assume ``sub`` belongs to the target tenant's user pool.

POST
/api/v1/super-admin/tenants/{tenant_id}/impersonate

Issue a short-lived tenant_admin JWT scoped to the target tenant.

Issue #347 Gap E: The sub claim in the impersonation JWT is the super-admin's user UUID — NOT a user in the target tenant. This is intentional: it preserves attribution in audit logs and allows cross-referencing with the impersonated_by claim (super-admin email). Downstream code should not assume sub belongs to the target tenant's user pool.

Authorization

AuthorizationBearer <token>

In: header

Path Parameters

tenant_id*Tenant Id
Formatuuid

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

curl -X POST "https://loading/api/v1/super-admin/tenants/497f6eca-6276-4993-bfeb-53cbbbba6f08/impersonate" \  -H "Content-Type: application/json" \  -d '{    "reason": "string"  }'
{
  "access_token": "string",
  "expires_in": 0,
  "jti": "string",
  "role": "string",
  "tenant_id": "string",
  "token_type": "Bearer"
}
{
  "detail": [
    {
      "loc": [
        "string"
      ],
      "msg": "string",
      "type": "string"
    }
  ]
}