Skip to main content
GET
Impersonate Customer

Impersonate Customer

Returns a short-lived token that can be exchanged for a full auth session as the target customer. Used in the portal when a team administrator chooses to sign in on behalf of a team member — both from the sign-in profile selection flow and from the team permissions page.

Authentication

Requires a valid customer bearer token. The authenticated customer must have the necessary permission (e.g. team admin rights) to impersonate the target customer.

Path Parameters

coworkerId
number
required
The numeric identifier of the customer profile to impersonate. Obtain this from GET /api/public/coworkers/profiles (Profiles[].Id).

Response

Returns a JSON object containing a single token field. Pass this token to the token-exchange endpoint (POST /api/public/auth/login/{token}) to obtain a full auth session as the target customer.
token
string
required
A short-lived token string. Exchange it via exchangeToken() (which calls the login endpoint) to start an impersonated session.

Examples

Impersonate a team member

TypeScript Integration

Usage in Portal

Error Responses

401 Unauthorized
error
The bearer token is missing, expired, or invalid.
403 Forbidden
error
The authenticated customer does not have permission to impersonate the specified profile.
404 Not Found
error
No customer with the given coworkerId was found.