Skip to main content

Documentation Index

Fetch the complete documentation index at: https://memberpulseptyltd.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Journey Overview

AttributeValue
Journey IDUJ-A-005
ActorPlatform Admin
GoalView platform as a specific user to diagnose issues
TriggerSupport request requires seeing user’s perspective
OutcomeAdmin views platform as user, diagnoses issue

Preconditions

  • Admin has ROLE_PLATFORM_ADMIN permission
  • Target user exists in the system
  • Impersonation feature enabled

Journey Flow

Detailed Steps

1

Access User Management

Navigate to user management:
  • Admin Portal → Users
  • Or search user directly from dashboard
2

Find User

Search for target user:
┌─────────────────────────────────────────────────────────────┐
│ User Management                                             │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│ [🔍 Search by name, email, ID...                     ]      │
│                                                             │
│ Filters:                                                    │
│ Tenant: [All Tenants ▼] Role: [All Roles ▼]                │
│ Status: [All ▼]                                             │
│                                                             │
│ Results:                                                    │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ John Smith                                              │ │
│ │ john@company.com • Acme Association                     │ │
│ │ Role: Member • Status: Active                           │ │
│ │ [View] [Edit] [🎭 Impersonate]                          │ │
│ └─────────────────────────────────────────────────────────┘ │
│                                                             │
└─────────────────────────────────────────────────────────────┘
3

Initiate Impersonation

Click “Impersonate” button:Confirmation dialog:
┌─────────────────────────────────────────────────────────────┐
│ ⚠️ Confirm Impersonation                                    │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│ You are about to impersonate:                               │
│                                                             │
│ User: John Smith                                            │
│ Email: john@company.com                                     │
│ Tenant: Acme Association                                    │
│ Role: Member                                                │
│                                                             │
│ This will:                                                  │
│ • Switch your view to the user's perspective                │
│ • Allow you to see what they see                            │
│ • Log all actions taken during impersonation                │
│                                                             │
│ Reason for impersonation (required):                        │
│ [Support ticket #12345 - login issue          ]            │
│                                                             │
│ [Cancel]  [Start Impersonation]                             │
│                                                             │
└─────────────────────────────────────────────────────────────┘
4

Impersonation Session

Session switched:Visual Indicators:
  • Banner: “You are impersonating John Smith [End]”
  • Different color scheme/border
  • Watermark (optional)
Capabilities:
  • View all screens as user
  • Navigate as user would
  • See user’s data and permissions
Restrictions:
  • Cannot change password
  • Cannot delete account
  • Cannot access other user data
  • All actions logged
┌─────────────────────────────────────────────────────────────┐
│ ⚠️ IMPERSONATING: John Smith (john@company.com)  [End]     │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│ [Normal Member Portal View]                                 │
│                                                             │
│ Dashboard                                                   │
│ Welcome, John                                               │
│                                                             │
│ Your Membership: Professional                               │
│ ...                                                         │
│                                                             │
└─────────────────────────────────────────────────────────────┘
5

Diagnose Issue

Admin investigates:
  • View user’s dashboard
  • Check membership status
  • Review event registrations
  • Test feature access
  • Reproduce reported issue
6

End Impersonation

Click “End” or “End Impersonation”:
  • Session returns to admin
  • Impersonation logged with duration
  • Admin back in Admin Portal
┌─────────────────────────────────────────────────────────────┐
│ ✅ Impersonation Ended                                      │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│ Session Summary:                                            │
│ User: John Smith                                            │
│ Duration: 5 minutes 32 seconds                              │
│ Pages Viewed: 12                                            │
│ Actions Taken: 0 (view only)                                │
│                                                             │
│ [View Audit Log]  [Back to Users]                           │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Audit Logging

All impersonation activity is logged:
EventLogged Data
StartAdmin ID, User ID, Reason, Timestamp
NavigationPages visited
ActionsAny changes made
EndDuration, Summary

Security Considerations

  • Requires explicit permission
  • Reason must be provided
  • Session time-limited (30 min default)
  • Cannot be used on other admins
  • Audit trail maintained
  • User may be notified (configurable)

Acceptance Criteria

Frontend

  • Impersonate button on user records
  • Confirmation dialog with reason input
  • Impersonation banner visible at all times
  • End impersonation button
  • Session summary on end
  • Visual differentiation during impersonation

Backend

  • POST /api/admin/impersonate/{userId} - Start
  • POST /api/admin/impersonate/end - End
  • Session token with impersonation context
  • Comprehensive audit logging
  • Action restrictions during impersonation

Permissions

  • Only ROLE_PLATFORM_ADMIN can impersonate
  • Cannot impersonate other admins
  • Tenant boundaries respected

Business Rules

  • Reason required for audit
  • Session timeout enforced
  • Certain actions blocked
  • Full audit trail

Error Handling

  • User not found handling
  • Session timeout notification
  • Graceful end on browser close