Impersonating Accounts

Owned by Victor Macko
Last updated: Sept 19, 2023
3 min read

Impersonating accounts allows you to setup role-based accounts (eg. 'Supervisor') which might have more permissions than your own, but still ensure that changes made are attributed to both the Supervisor user, as well as being linked to the person actually making the changes. To impersonate an account, first login as your own as normal (eg. John Smith), then goto 'My Account & Password', and click 'Impersonate another account'. From there, a login box will appear to login as the user you would like to impersonate (eg. Supervisor).

Why use impersonation?

If the account being setup is role-based (eg. Supervisor), rather than for a particular individual, you can set up the account so it can only be used when someone has already logged in through their own account - eg. John Smith would need to first log in to the system using his own username and password, and only then can he log in to the 'Supervisor' account he would like to use to obtain further access. This means that you can have a single high-privilege account that is shared between multiple staff, while still being able to audit system changes to a specific person.


To log into an impersonated account, go to 'Settings' > 'My Account & Password', and then click 'Login as another user' on the right-hand side of the page.

For more information about how to set up impersonation for an account, see the account access page.

Restricting Impersonation

You may wish to restrict whom can impersonate certain accounts, eg. supervisor accounts or those only certain teams should be able to assess (as part of their job). To do this, in the 'permissions' page of the supervisor-account (the account you would like people to impersonate), enter in either the names of the people you would like to be allowed to login, or the names of the groups those people should be part of.

Whenever 'impersonation restrictions' are entered, rather than allowing anyone with the username and password to impersonate the account, the system will restrict whom can impersonate the account to only those people whom meet at least one of the requirements (eg. being the user whom is named, or being part of the group listed).

Login as your staff & volunteers

You can use account impersonation to diagnose issues your staff and volunteers might have come across.

Required permissions: the account you're using needs to have permissions to impersonate the accounts, in all groups the person you wish to impersonate is part of.

Administrator access also gives you "impersonate accounts" access, but your account still needs permissions in all groups the person you're trying to impersonate is part of.

Eg. if Person A (you) is logged in, and would like to impersonate Person B (part of Groups A, B, and C), then Person A needs to have impersonation permissions in at least groups A, B, and C. This is to ensure the user can't inadvertatly gain access to additional groups they wouldn't have otherwise had access to (ie. groups Person B is part of).

Auditing: Note that all actions you take as 'Person B' will be logged as per normal, along with a note indicating you (Person A) were logged in at the time.

How?

The 'Impersonate' button at the top-right of the permissions page for a person (eg. Person B in this instance) will log you into their account.

At any stage, you can click 'Return to your account' in the menu at the top-right of the page;