Review Access Rights configurations with Impersonate

  • 21 April 2022
  • 0 replies
  • 98 views

Userlevel 4
Badge +3
  • Community Manager
  • 41 replies

When rolling out an application, data security is always a concern.  The Impersonate feature allows you to define a Security Admin who can sign in as another user to review their access rights permissions. 

 

What does Impersonate do?

Impersonate allows users with the Security Admin account type to be able to “Login as” another individual.  This will allow them to see what the other user can see.  This is a powerful way to check the Access Rights they have applied to them.  When signed in as another user, you will still have the permissions from your original account.  Essentially, you will be able to check their access rights but not to be able to see which permissions they have assigned to them.  

 

Who can Impersonate? 

There are two account types that can Impersonate, the Primary Owner and Security Admin. The Primary Owner must first assign a user the Security Admin account type.  After that, the Security Admin can assign others that account type. When a user is given the Account type of Security Admin, this setting applies to the entire Workspace.  However, a Security Admin can not gain access to an Application they are not given permissions into.  For example, if Pierre is a Security Admin, but does not have a role in a HR application, he would not be able to see this application nor use the impersonate feature in it.

 

How to Impersonate?


First, make sure you have the correct Security Admin Account type. Next, there are two ways to activate the Impersonate feature. 

 

From Boards 

 

You can easily activate Impersonate from a Board.  In the top right, select Impersonate, then choose the user whose Access Rights you want to review. 

 

From Blocks 

Once in a block, you’ll see an icon appear in the top right. Click the icon and select a user you to impersonate.

 

 

Turning off Impersonate 

When you are done, you can click the X next to the name of the person you were impersonating to go back to your user settings.

 

 

Ability to opt-out of Impersonate

The Primary owner of a workspace can contact support if they wish to disable this functionality for their entire workspace.  There is no ability to disable at the Application level.  However, if a user, even with the account type of Security Admin, does not have access to an Application, they will not be able to use Impersonate. 


0 replies

Be the first to reply!

Reply