Before initiating an impersonated session, the administrator must create a policy for the session. This policy must be created under Impersonation administrator’s interface.
A role must be created for Impersonator and another role for Impersonatee, and the impersonatee role mapped to the impersonator role. To create a policy, see Role Policies.
Example: Let’s suppose a user belongs to the group membership, Access Helpdesk, and creates a role called Access Impersonator. Create another group of users with role Access Impersonatee and map it to the Access Impersonator role. Now, only Access Impersonator can impersonate Access Impersonatee role users.
To initiate impersonation, Access Impersonator requests impersonation from Access Impersonatee. Upon approval, Access Impersonatee clicks the Help Desk Session and is notified that the Impersonation is in progress.
The Impersonator must have the role that is authorized to perform Impersonation.
The Impersonatee has to give consent to the impersonator to access the session.