logto
logto copied to clipboard
logto-io
feature request: Impersonation Functionality
I hope this message finds you well. Firstly, I want to express my sincere gratitude for the exceptional product you've developed. LogTo has proven to be an invaluable tool for our team, revolutionizing the way we handle logging processes.
I have another feature request that I believe could significantly enhance our administrative capabilities within the platform. It would be immensely beneficial to introduce an impersonation functionality, allowing administrators to log in on behalf of users when necessary.
This feature could be implemented through a simple toggle switch in the admin console, giving administrators the ability to enable or disable impersonation as needed. When enabled, administrators would be able to select a user from a list and seamlessly log in to the platform using their credentials. This would provide invaluable support for troubleshooting, user assistance, and administrative tasks that require direct access to user accounts.
By incorporating impersonation functionality into LogTo, you would not only empower administrators with greater control and flexibility but also streamline support processes and enhance overall user experience.
I believe this feature would be a game-changer for our team and would greatly appreciate your consideration in implementing it. Thank you for your continued dedication to innovation and excellence.
Admin users can go to "user management" page and reset any user's password. Then the admin can use the new password to sign-in on behalf of the user. Would this be something that can work for your cases?
@charIeszhao, No I dont belive reset password might be the case fo 2 reasons, first what if user only used social login, second if admin change the password after that user again need to change password, also with impersoate functionality you can add a more filed like impersonateId that after that in app layer you can infore someone else is controlling user account and then can keep logs record for that on app side which will be a powerful tool.
I'd also be interested in this. One important use case is debugging user access rights and so on. Resetting someone's password to investigate why that person can or can't see something doesn't sound good :)
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
Hi @wangsijie this will be an awesome feature! How is it going to work? Will there be an additional claim on the jwt with the user id of the user being impersonated and the expiry time?
On Sat, 22 Jun 2024 at 11:19, wangsijie @.***> wrote:
Update: will be ready in July.
— Reply to this email directly, view it on GitHub https://github.com/logto-io/logto/issues/5722#issuecomment-2183639209, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA4F7IOZQZWC4T23V2PC6UTZITGKPAVCNFSM6AAAAABGITRFVGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOBTGYZTSMRQHE . You are receiving this because you are subscribed to this thread.Message ID: @.***>
@jonsamwell You can reuse the feature of "custom JWT", check this file to learn more: https://github.com/logto-io/rfcs/blob/master/draft/0005-impersonation.md
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.