This can be done by
impersonating a user, which means you switch to a real existing account.
As this feature is potentially dangerous, it is deactivated and needs configuration file changes to activate it.
You need to adjust the application firewall and user role settings. Open the file
add the following line to the
It must look like this:
security: # ... firewalls: dev: # ... secured_area: # ... switch_user: true # ...
This activates the feature. Now adjust the super admin role, so it has the special role
security: # ... role_hierarchy: ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
Finally refresh your cache:
To switch to another user, add a query string with the
_switch_user parameter and the username as the value to the current URL (you must
be logged-in as a super admin to use this feature):
To switch back to the original user, use the special
To deactivate the feature again, simply revert your config changes and refresh the application cache again: