IdentityServer4 - How to Implement Impersonation

Question

I have a requirement of allowing our internal support users to impersonate our customer users.

I\'m currently using IdentityServer4, Implicit Flow and OIDC Client.

Answer 1

Probably wouldn't try to build an impersonation feature into the core IdentityServer4 libraries. You really just need a small data structure to hold your impersonated UserId and a service to check for that. It is a foundation feature that you application should be designed around.

Also consider, you may need superuser features that still present themselves even though you are impersonating (e.g. un-impersonate).