support
Super-admin impersonation
Debug a tenant issue without asking for their password.
Super-admin clicks Impersonate on any tenant — we mint a tenant-scoped JWT and redirect into their dashboard. Every action is recorded in audit_logs with imp_by = super_admin_id.
- One-click from the tenant detail page
- Persistent red banner shows "You are impersonating"
- Audit trail records both the impersonator and the target user
- End-impersonation button restores super-admin session
How it works
POST /api/superadmin/tenants/{id}/impersonate issues a JWT with imp_by/imp_email claims. The front-end decodes these and shows the banner. Everything they do is audited both ways.
Available from any tenant detail page.