# User impersonation


iron laurel BOT

Hi @wide torrent. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:


There is no built-in or officially recommended way in Convex or Convex Auth to allow a super-admin to impersonate a user and view the application from their perspective. However, you can implement this functionality yourself at the application level.

From the available sources:

  • Convex does not handle authorization directly; it only provides authentication. To allow an admin to "log in as" or impersonate a user, you would need to write custom backend logic that allows specific admins to impersonate users. This typically involves creating a function (e.g., getCurrentUser()) that uses alternate logic when an admin is logged in, allowing them to act as another user. This is an authorization concern, not an authentication one, so you must ensure only authorized admins can use this feature and that it is implemented securely (source: "sign in as user ?").

  • For testing purposes, the Convex dashboard allows you to "Act as a user" by specifying the subject and issuer fields, which simulates requests as a particular user. However, this is only for testing in the dashboard and not for production impersonation features (source: "Testing authenticated functions from the dashboard").

In summary:
You can implement user impersonation by adding custom logic to your backend functions to allow super-admins to act as another user, but you must handle the authorization checks yourself. There is no out-of-the-box support for this in Convex Auth. Be sure to secure this feature carefully to prevent abuse.

Note: you can ask me a follow-up question by @ mentioning me again :speech_balloon:
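The custom `getCurrentUser()`-style logic described in the answer above, as an added example that is not part of the original post and is not Convex or Convex Auth code. It is plain TypeScript with in-memory stand-ins for database tables; every type, function and sample value in it (`startImpersonation`, `resolveCurrentUser`, the roles, the 15-minute expiry, the rule that super-admins cannot be impersonated) is a hypothetical design choice.

```typescript
// Added example; every name here is hypothetical, and the Map/arrays are
// constructed in-memory stand-ins for database tables.
type Role = "user" | "superAdmin";
interface User { id: string; subject: string; role: Role }
interface Grant { adminId: string; targetId: string; expiresAt: number }
interface Audit { adminId: string | null; targetId: string; at: number; allowed: boolean }

const users = new Map<string, User>([
  ["u1", { id: "u1", subject: "sub|alice", role: "superAdmin" }],
  ["u2", { id: "u2", subject: "sub|bob", role: "user" }],
  ["u3", { id: "u3", subject: "sub|carol", role: "superAdmin" }],
]);
const grants: Grant[] = [];
const auditLog: Audit[] = [];

function bySubject(subject: string | null): User | undefined {
  return Array.from(users.values()).find((u) => u.subject === subject);
}

// Only a super-admin may start a session, never against another super-admin,
// and every attempt (allowed or denied) is written to the audit log.
function startImpersonation(subject: string | null, targetId: string, now: number, ttlMs = 900000): boolean {
  const caller = bySubject(subject);
  const target = users.get(targetId);
  const allowed = caller?.role === "superAdmin" && target?.role === "user";
  auditLog.push({ adminId: caller?.id ?? null, targetId, at: now, allowed });
  if (!allowed || !caller) return false;
  grants.push({ adminId: caller.id, targetId, expiresAt: now + ttlMs });
  return true;
}

// The getCurrentUser()-style resolver: `subject` comes from the verified
// identity, never from a client argument. The role is re-checked on every
// call, so a demoted admin loses any grant that is still unexpired.
function resolveCurrentUser(subject: string | null, now: number): { effective: User; actor: User } | null {
  const actor = bySubject(subject);
  if (!actor) return null;
  if (actor.role !== "superAdmin") return { effective: actor, actor };
  const grant = grants.filter((g) => g.adminId === actor.id && g.expiresAt > now).pop();
  const target = grant && users.get(grant.targetId);
  return { effective: target ?? actor, actor };
}
```

Returning `actor` alongside `effective` lets each backend function record who really made a change and refuse sensitive writes while an impersonation grant is active.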