Authorization to switch identity and whitelist
To prevent undesirable impersonation, the authenticated user (the service user whose credentials are used by the machines) must be authorized to switch its LnIdentity.
To allow an LN API identity to switch identity, these authorization settings are required:
- In the API role of the service user, the Allow Switch Identity option must be set to Yes.
- The API role of the service user must have a whitelist. This whitelist must contain the
API identities to which the service user must be able to switch. These are called the “To
Identities”.
For example, to successfully send requests for the 2 machines mentioned before, the whitelist must contain the API identities of machine 1 and 2.