i'm using Cognito for user authentication on a site I'm working on for a client, and I need to add (if possible) a way for an admin (of the site) to login as a user. It's mainly used to see issues that the user is experiencing.

Do you know if there's a way to do that with Cognito, basically signing in as someone else if you have a specific code or belong to a specific group, or any other way?

Thanks

1 Answer

Not easily.

Effectively Cognito doesn't want you to be able to do this, as it opens no end of security issues within your application.

However, you can take control of the authorisation process by using Custom Authentication. By writing your own custom authentication, you can effectively allow user impersonation so long as the authenticating user can pass your authentication "tests".

I'd invite you to think hard about this method, however, as it does mean that you are now responsible for making sure no one else can use this backdoor.

3

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.