Skip to main content

Access Evo impersonation

Steps to enable and manage impersonation settings in Access Evo.

O
Written by Onyema Onyejekwe

Impersonation allows a user to grant someone else the ability to sign into Access Evo on their behalf, without sharing their password.

As an organisation administrator, you can control whether impersonation is permitted across your organisation and restrict which users (internal and external) are able to request it, i.e. sign into your account.

When enabled at organisation level, all users can grant impersonation access to others.

πŸ“ŒNote: Only domain owners can access and edit the Security Policy setting described in this article.

Access your Security Policy

To access your Security Policy, follow the steps below.

  1. Go to MyAccount then select Security Policy.

  2. Locate the Security Policy already set up and attached to your domain.

  3. Beside the relevant security policy, click Edit.

Enable impersonation for the organisation

Within the Security Policy, there is a setting called Allow impersonation. Once enabled, users within your organisation will be able to grant impersonation access to others via their own account settings. To do this, follow the steps below.

  1. From the Security Policy edit screen, locate the Allow impersonation setting.

  2. To make this option available to all users, turn on Allow impersonation.

  3. To save changes, click Save.

Setting up an impersonation whitelist

You can restrict impersonation by allowing only a defined list of users or email addresses to request access. Manage this setting from the Security Policy screen. To configure it, follow the steps below.

  1. After enabling Allow impersonation, locate the Impersonation white-list field.

  2. In the Impersonation white-list field, enter the email addresses or users you wish to permit.

  3. To apply the changes, click Save.

πŸ“ŒNote: Only users on the whitelist can receive impersonation access from others in the organisation

Granting impersonation access (user steps)

Once impersonation is enabled at the organisation level, individual users can grant access. To do this, follow the steps below.

  1. In the top right-hand corner of the screen, click your name then select My Account.

  2. You will be taken to the Manage your Access account screen in a new tab.

  3. Under My Account, click Impersonations.

  4. Under Add a new impersonator, fill the following fields:

    • Email address: Enter the relevant email address.

    • Expires after: Set the value to an appropriate timeframe.

  5. To confirm, click Add.

Audit and login activity

πŸ“ŒNote: PeopleXD Audit does not explicitly identify when a session was accessed by an impersonator.

However, the system records login activity, which you can review in PeopleXD Settings > Security (table: cp_portal_activity) or the Logon History view in PeopleXD Insights.

Related Articles
Access Evo organisation member settings
Manage users and Access Evo members FAQs
Check the tags in use in Access Evo
Branding in PeopleXD Evo
Access your PeopleXD Evo UAT environment
Did this answer your question?