User Impersonation

🚧

Prerequisites

The following versions are required to use the feature:

@frontegg/[email protected]
@frontegg/[email protected]
@frontegg/[email protected]
@frontegg/[email protected]
@frontegg/[email protected]

User Impersonation refers to the ability to grant access to another user's account temporarily, typically an administrator or support user. This feature can be extremely useful for troubleshooting, testing, or resolving user issues without the need for the original user's login credentials. With Frontegg, you can impersonate your users easily and securely.

In this guide, you will learn about setting up and configuring user impersonation in your app.

❗️

User impersonation allows to perform actions within another user’s account (including actions such as switching between accounts). Only give impersonation permissions to those you trust.

Using user impersonation

To impersonate a user, go to your Backoffice > Accounts, and next to the user you wish to impersonate, click the “Impersonate User” option, like so:

You’ll then be asked to enter a reason why you wish to impersonate the user. The reason you specify will appear in the vendor's audit logs and account audit logs (if enabled).

If you enabled impersonation for your accounts and the user's role permits impersonation, a session will open in a new tab, logged in as your target user with their role. The session will last for a maximum of 60 minutes and cannot be extended.

Impersonation on a user level

If a user is the subject of an existing impersonation session, they should see an impersonation session in their login sessions. Like any of their sessions, they can revoke that session, ending the impersonation session.

Who can impersonate users

To impersonate users, you must either have an Owner role or an Impersonator role (in addition to any other role that gives you access to users). See Permissions to learn more.