I am building an integration application that will act as the middleware between a mobile app and M3. The application is set up in ION API Gateway as a Backend Service with a service account that uses a special user (let's call it APPUSER). The service account name and secret keys from the .ionapi file are then used to authenticate the API calls made by the application. For better performance we use the bulk API (m3api-rest/v2/execute) to perform multiple API transactions against the same program.
When an API call updates or inserts data into M3, the record is shown in the M3 UI as last changed by APPUSER. However, we want it to show the identity of the actual end user who made the change. I know it should be possible using impersonation by passing the username in the m3User property of the JSON API request as per the Infor document M3_Foundation_API_Guide_M3CE_16_0_0_2.pdf.
I know for a fact that user impersonation should work because I have used it before elsewhere. However, I can’t get it to work in this case which makes me wonder if user impersonation should be enabled for the service account user or the entire tenant. But I cannot find where it’s controlled.
What am I missing?
