Impersonate a user and returning to admin user

This guide explains how to impersonate a user in Discourse and return to your admin account. This is useful when you need to troubleshoot issues faced by a specific user or verify their permissions.

Required user level: Administrator

The admin can choose to impersonate another user when needed. This can be useful when a member is experiencing odd behavior or you need to check their permissions. Impersonating another user acts as if you are logged in as that user. This documentation will guide you through the process of impersonating a user as an admin and how to return to the admin account.

Impersonating a User

1. Navigate to the Admin section of the sidebar and select Users.
   

   

   image2200×342 34.6 KB

2. Find and select the profile of the user you want to impersonate.

3. Click on Admin in the top right corner.
   

   

   image1002×191 9.23 KB

4. At the bottom, select the Impersonate button
   

   Once you’ve impersonated the user, you are no longer logged in as an admin. You will experience the Discourse interface just as the user does.

   

   image1028×172 7.23 KB

Terminating the impersonation session

Method 1, good for infrequent use:

To stop impersonating and return to your admin account, simply log out from the impersonated user account and log back in as the admin.

Logging in and impersonating in a private/incognito window prevents needing to log back in under your main browser session. Just close the incognito window and you’re good to go!

Method 2, recommended if you frequently impersonate users

As of August of 2025, a hidden experimental site setting (experimental_impersonation), when enabled, a banner appears at the top of the page with a clickable link to terminate the impersonation session and return to the Admin account from which you impersonated the user.

This setting has since been renamed to impersonate_without_logout (Feb. 2026).

When impersonate_without_logout is enabled a persistent banner appears at the top of the interface while impersonating a user, with a direct link to immediately end the session

This makes repeated impersonation workflows safer and more efficient, especially for support and QA

Additionally, the site setting experimental_impersonation_time_limit_minutes can be used to define a maximum duration for an impersonation session. Once this time limit is reached, the session automatically terminates, adding an extra layer of safety.

For self-hosted Discourse sites:

SiteSetting.impersonate_without_logout = true
SiteSetting.experimental_impersonation_time_limit_minutes = 30

For hosted Discourse customers: contact support to enable or configure these settings.

Last edited by @dax 2026-02-25T18:31:58Z

Check document

Perform check on document:

It might be worth noting that impersonating a user is not transparent – it creates a logged visit for that user, and resets any notification flags that are acted on. Probably best to communicate to any real user that it’s being done.

I also ran into this issue. Can we at least add a confirmation dialog on the Impersonate button? Currently it starts the impersonation right away without warning the user of the caveats, especially the one it creates a logged visit.

The other buttons in its vicinity (like Delete user) do have a confirmation dialog. As a user I would expect the Impersonate button to open a dialog just like the others.

I didn’t even note the lack of a confirmation dialog, but yeah, that would be a good place to warn that you’re about to become that user and leave tracks — not just poke around behind the scenes without impact.

I think you can enable the setting at /admin/config/upcoming-changes now.