-
-
Notifications
You must be signed in to change notification settings - Fork 472
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature request: SDKs supporting impersonation #6914
Comments
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days. |
Bump |
Thanks for your feedback! Currently, our SDK is designed for client-side use only, and user impersonation is an admin feature that can only be requested through the Logto Management API, to be managed securely on your backend service. Please refer to this documentation for more details on how to implement user impersonation securely. Let us know if you have any further questions! |
Hello @simeng-li I understand the concern, however I'm currently using the sveltekit SDK on the server only and don't request tokens client-side. It would help already if I could override the access token in the SDK - do you know if that's possible somehow at the moment or if that's something you could potentially add to the SDK? |
What problem did you meet?
I'm trying to implement user impersonation using the logto sveltekit SDK. Unfortunately the SDK does not support impersonation officially (discord)
When trying to debug it's important to be able to view the whole app from a user's perspective, hence the ability to impersonate a user is great. But without support in the SDK it seems to be I'm forced to put a lot of hacks or workarounds in place which is potentially error prone. (If there's a recommended way to deal with this limitation I'd appreciate any guidance)
Describe what you'd like Logto to have
I'm using the logtoclient throughout my app and would like to be able to override the client's access token with my subject/access token to start impersonation and viewing the app from the user's perspective without having to worry to mix access tokens anywhere.
The text was updated successfully, but these errors were encountered: