Hi Auth0 Team,
I was trying to hind out how I can impersonate a user while calling or unit testing an API end point. as an example, as a customer, I want to query my last 5 orders on an e-commerce portal. I can do this easily by getting the access token while logged into the portal, as the userid gets automatically wired into the jwt. however, when I test this API in isolation, I can not get a similar token that can impersonate a particular user. how can I restrict a user querying another user’s order without this facility? This is purely from a component/API testing angle.
thank you.
Prasad