Login as

To help troubleshoot issues on their website or support portal, administrators can log in as the user experiencing the problem using ReachFive.

You can log in as another user in the ReachFive console if you have access to the Profiles page, or use the dedicated Login as API endpoint. If you wish to use the API, refer to the Login as via API section below.


Whitelist the following URLs in your selected first-party identity API client:

Via the Console

Configure Login as

  1. Enter your account in the console.
  2. Click Login as page.
  3. Select your first-party identity API client.
  4. Define the Redirect url and make sure it has been whitelisted within your client.
  5. Select the type of credential to return:

    • code - Authorization Code flow
    • token - Implicit flow

Note: The credential of this type will be returned as a query string parameter when using the API.

Log in as another user

  1. Navigate to the profile to log in as (Account > Profiles).
  2. Click Actions > Login as.

You are redirected to your website/app, as defined in the Redirect url field, and logged in as the selected user via ReachFive.

When you log in as another user, this generates a login user event, traceable in the Recent Activity panel of the impersonated user, just like a standard login.

Login as via API

Here is the call sequence to follow when implementing the Login as feature via the Management API:

  1. POST https://{{domain}}/oauth/token
  2. GET https://{{domain}}/api/v2/users/:uid/login-as
  3. GET redirectUrl returned by the previous request.
  4. For Authorization code flow only, use the POST https://{{domain}}/oauth/token Identity API endpoint

Note: Tokens generated via Login As bear a custom claim provided win the response to an introspection the token.