⇠ Back to the blog
Cover for Just in time approval workflows for user impersonation

Just in time approval workflows for user impersonation

Ben Bleikamp avatarWritten by Ben Bleikamp

User impersonation allows support and engineering teams to log in and operate as any user. It sounds risky, but it's a critical tool for quickly and safely doing remote debugging at scale.

In the early days of GitHub the speed of growth created a huge support queue for the team to work through. From caching bugs to permissions questions, being able to impersonate a user was indispensable to quickly improving the quality of our product.

But we're a long ways from Facebook's master password access any account.

With regulations like SOC2, HIPAA, and ISO-27001 and the rise of insider attacks and data leaks, this privileged access needs to have controls and auditability around it.

Cased API

Cased API makes it easy to add controls and audit trails to any admin or staff tool at your company.

With Cased you can take any action, such as log in as user, and trigger a workflow on Cased:

  • Any action you instrument is logged in our immutable, highly available audit trails. You can search by user, time, or any field you include in your API calls.
  • Trigger workflows for approvals and alerts.
  • Export the audit trail to CSV, JSON, and other common formats for internal and external audits.

Sign up for our beta

To sign up for our beta, schedule a quick 1:1 demo with us and we'll get you setup with Cased API.