The following are prerequisites for creating an impersonated session:
Before initiating an impersonated session, the administrator must create a policy for the session. This policy must be created under Impersonation administrator’s interface. To create a policy, see Section 8.2, Role Policies.
Example: Let’s suppose a user belongs to the group membership, Access Helpdesk, and creates a role called Access Impersonator. Now create another group of users with role Access Impersonatee and map it to Access Impersonator role. Now, only Access Impersonator can impersonate Access Impersonatee role users.
To initiate impersonation, the Access Impersonator requests impersonation from the Access Impersonatee. Upon approval, the Access Impersonatee clicks the Help Desk Session and is notified that the Impersonation is in progress.
The Impersonator must have the role that is authorized to perform Impersonation.
The Impersonatee has to give consent to the impersonator to access the session.