The Impersonate User feature lets a Site Administrator temporarily view the web app exactly as a specific user sees it. Use it to understand what a user sees, check their access, or verify their configuration.

Impersonation is read-only. While impersonating, the Site Administrator sees the same interface, files, and configurations as the selected user, which makes it easier to help that user without changing anything on their behalf.

When to Impersonate a User

Common cases include confirming configuration and access for a newly onboarded user, reviewing a specific user's experience in real time, validating permissions for an internal team, and confirming that an external vendor is set up correctly.

Starting an Impersonation Session

A Site Administrator can impersonate any user from the Impersonate User option on that user's details page. Starting the session replaces the Site Administrator's current session with the selected user's session. A banner appears at the top of every page to indicate that impersonation is active.

To end the session, log out and sign back in with the Site Administrator account. That is the only way to return to the original session.

All impersonation activity is recorded in the API Logs under the Site Administrator's identity for audit purposes.

Actions Restricted During Impersonation

The impersonation session is read-only. No changes can be made while impersonating another user.

Restricted actions include opening or previewing files, downloading, uploading, deleting, moving, or copying files, and creating share links. Modifying site settings or configuration, and running automations, triggers, or sync operations are also not permitted.

The Site Administrator can view the same areas of the web application that the impersonated user can access, including folders, permissions, and configuration visible to that user.