IdentityServer4 - How to Implement Impersonation

Question

I have a requirement of allowing our internal support users to impersonate our customer users.

I\'m currently using IdentityServer4, Implicit Flow and OIDC Client.

Answer 1

you can implement IResourceOwnerValidation and validate your support users in your own way. for example generate a code for specific user and give it to support user, then in your implementation check your password with that code too.