POST/v2/users/{user-id}/impersonateImpersonate user

Allow businesses to create an OAuth Grant on behalf of one of their users

header	Authorization	Authentication token (bearer token or API key).
{ "client" : String, "scope" : String }

Response

status	401	Invalid authentication token
{ "code" : String, UUID 4 formatted (e.g. "a426e157-8a5c-456a-8865-bec6394867ab"), "expiration" : Date/time with a timezone (ISO 8601, e.g. "2022-06-23T13:53:02+02:00") }

Example: Create an OAuth grant code without the right client

POST/v2/users/1/impersonate

header	Authorization	Bearer 5bac6931-15f1-43f6-b853-5b6781725007
{ "client": "BoldApp", "scope": "read" }

Response

status	400
header	Access-Control-Expose-Headers	authorization, content-type
header	Access-Control-Allow-Headers	authorization, content-type
header	Access-Control-Allow-Methods	GET, POST, DELETE, OPTIONS, PUT
header	Access-Control-Allow-Origin	*
header	Strict-Transport-Security	max-age=31536000; includeSubDomains
header	X-Frame-Options	SAMEORIGIN
header	X-Content-Type-Options	nosniff
header	X-XSS-Protection	1; mode=block
header	Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'
header	Referrer-Policy	no-referrer
header	Feature-Policy	self
header	Permissions-policy	interest-cohort=()
{ "message": "Impersonate requires an organization level authorization", "errorMessage": "Impersonate requires an organization level authorization" }