0

I have a simple .NET 6 app where users login through Azure AD. Is there a way to do impersonation where my admins can login as any user for troubleshooting purposes?

My app is using Microsoft.Identity.Web, I don't have an API or anything at this point. Just a simple web app protected by AAD.

Tiny Wang
  • 10,423
  • 1
  • 11
  • 29
Victorio Berra
  • 2,760
  • 2
  • 28
  • 53
  • 1
    Did you mean that, your user signed in your .net 6 app one day, and he met a trouble to view some pages, but other users can sign in those pages as normal, so you want to sign in the app with his account to help troubleshoot, but it's not safe to ask for the account and password from your user, so it's better that you can sign in with your admin account, and then help troubleshoot? – Tiny Wang Oct 25 '22 at 02:53
  • I think whether it can be done or not depends on the issue. If the problem is related to the user information(as you know azure ad provide a user management feature), then you can use admin account to get all users' information. But if the problem was related to your own business, then it's a custom question I think, – Tiny Wang Oct 25 '22 at 02:58
  • 2
    It's your app; you can make your own authentication method. But user impersonation is antithetical to AD, so it really will be an all-new authentication method. – Joel Coehoorn Oct 25 '22 at 03:02
  • I searched in google again and I'm afraid that Azure AD can't do such "impersonation" actions, and I agree with @JoelCoehoorn, you can create your own custom feature in your app. – Tiny Wang Oct 31 '22 at 08:47

0 Answers0