# /impersonate - Start impersonation (permission-based access)

**POST /impersonate**

Allows users with `impersonate:users` permission (Super Admin role) or Owner organization role
to impersonate another user, but only if that user has active consent enabled.
The impersonation token duration will match the user's consent settings.



## Servers
- Backend API server (port 8080): https://api.your-domain.com/api (Backend API server (port 8080))
- Collect API server (port 8081): https://collect.your-domain.com/api (Collect API server (port 8081))


## Authentication methods
- Bearer auth


## Parameters



## Body parameters
Content-type: application/json

- **user_id** (string)
  ID of the user to impersonate

## Responses
### 200: Impersonation started successfully

#### Body Parameters: application/json (object)
- **code** (integer)
  
- **message** (string)
  
- **data** (object)
  

### 400: Bad request (cannot impersonate yourself, user not found, etc.)

#### Body Parameters: application/json (object)
- **code** (integer)
  HTTP error code
- **message** (string)
  Error message
- **data** (object)
  

### 403: Forbidden (insufficient permissions for impersonation, or already impersonating)

#### Body Parameters: application/json (object)
- **code** (integer)
  HTTP error code
- **message** (string)
  Error message
- **data** (object)
  

### 401: Unauthorized - invalid or missing token

#### Body Parameters: application/json (object)
- **code** (integer)
  
- **message** (string)
  
- **data** (object | null)
  


[Powered by Bump.sh](https://bump.sh)