Impersonation in a .Net core application with Identity Server 4

Identity Server 4 does not provide native impersonation support which I needed for one of my projects. I have implemented one on top of it.

Here is the sample project I did on GitHub.

This is a sample application to show a way to implement impersonation when using Identity Server.

Key Points

  1. Authorization policy has been set up to restrict impersonation to users with specific roles.
  2. Admin users’ email is added as a claim while impersonating so that it can be used while ending the impersonation.
  3. Logic is simple as authenticating with the victim users’ email for impersonation with additional claims to track the impersonation and the impersonating user.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Venky Writes

Web Architect .Net Core, API, Azure, Serverless, Product Design & Delivery, Agile, C#, MVC, SQL DB, Cosmos DB, DevOps, Azure Log Analytics and Workspaces (KQL)