Auth0 Home Blog Docs

User impersonation with Universal login setup

impersonation

#1

How can work user impersonation with Universal login setup?
Login (or signup) step is skipped going directly to the callback route. Here _auth0_callback_ and _auth0_state_ are missing from session, cause no authorize_redirect is called (I’m using authlib).


#2

Getting the same issue and have also posted this issue on StackOverflow


#3

I’m having the same problem. We did a hack to force the session variables that authlib uses (e.g. auth0_state), but with the latest release of authlib (0.9) the session keys changed. What is the correct way to handle this? Setting the session variables by ourselves feels very hacky…


#4

@rollsplact I honestly don’t think there is a way (if not a hacky way of achieving this). Auth0 disable user impersonation due to security and gdpr issues (response I got back from auth0). Apparently they are working on a way to achieve this but no timelines yet