Impersonation feature enabling the ability to switch between various users within an organization in Okta Preview and EMEA

Is there a masquerade functionality available for user switching within my organization? This would simplify the process of logging in as different users without the need for specific requirements.

Additionally, is there an option for added security measures such as push notifications or one-time passwords? if not, can you implement it?

Yes, Okta provides a feature called “User Switch” or “Masquerade” that allows administrators to log in as another user within the organization for troubleshooting or assistance. This feature helps streamline support and administrative tasks without requiring the user’s credentials.

Here’s how you can use the User Switch feature in Okta:

  1. Navigate to the Okta Admin Console:

    • Log in to the Okta Admin Console.
  2. Access the User Profile:

    • Find the user for whom you want to masquerade.
    • Open the user’s profile.
  3. Initiate User Switch:

    • Look for an option like “User Switch” or “Masquerade” within the user’s profile.
    • Click on it to switch to the selected user’s account.

Please note that the availability and specific steps for User Switch might vary based on your Okta configuration and permissions.

Regarding additional security measures such as push notifications or one-time passwords, Okta supports various authentication methods, including multi-factor authentication (MFA). Okta offers a range of MFA options, including:

  • Okta Verify with Push Notifications: Users can receive push notifications on their mobile devices to approve or deny login attempts.
  • One-Time Passwords (OTP): Users can receive OTPs through various methods, such as SMS, email, or authenticator apps.

To implement MFA in Okta:

  1. Navigate to Okta Admin Console:

    • Log in to the Okta Admin Console.
  2. Configure Multi-Factor Authentication Policies:

    • Go to the “Security” or “Authentication” settings.
    • Set up MFA policies and choose the methods you want to enable.
  3. Assign MFA Policies:

    • Assign the MFA policies to the relevant user groups or individuals.
  4. User Enrollment:

    • Users will need to enroll in MFA during their initial login or as part of the account setup process.

Please note that the availability of specific MFA methods can depend on your Okta subscription and configuration. If you encounter any difficulties or need more specific guidance based on your Okta setup, you may want to consult the Okta documentation or contact Okta support for assistance.

Thank you for providing Okta Multi-Factor Authentication (MFA). However, I am encountering difficulty utilizing the “User Switch” or “Masquerade” feature, which allows administrators to log in as another user within the organization.

Here are the steps I follow to access the list of all users in my organization under Okta Admin Console:

  1. Navigate to the “People” section under “Directory.”
  2. The list of users within my organization is displayed.
  3. Click on the desired user’s profile to view more options.

Within the user’s profile, I find the following options:

  • Applications
  • Groups
  • Profile
  • Devices
  • Admin roles
  • More Actions

Under “More Actions,” I find the following options:

  • Reset Authenticators
  • Clear User Sessions
  • Suspend
  • Deactivate

However, I am unable to locate an option to switch across users. Could you please assist me by providing detailed steps for user switching? Your clarification on this matter would be greatly appreciated.

Unfortunately, the user switch feature mentioned above does not exist, my mistake. If you could reply in more detail regarding what functionality you need, I may be able to suggest further workarounds for the issue.



I am seeking a masquerade functionality for user switching within our organization. This feature aims to streamline the process of logging in as different users, eliminating the need for specific requirements. It would greatly enhance the user experience and convenience of user management within our system.

What am I trying to achieve?

The primary objective is to streamline user switching within our organization, making it more efficient and user-friendly. The ‘Masquerade’ functionality would allow administrators to easily switch between user accounts without the need for specific prerequisites, simplifying the login process for testing, troubleshooting, or user support scenarios.

What am I currently doing?

At present, there isn’t a dedicated feature for masquerading or user switching within our Okta system. As a workaround, we may need to perform manual logouts and logins using different user credentials, which can be time-consuming and less practical, especially in a testing or support environment. Implementing a dedicated ‘Masquerade’ feature would eliminate the need for such workarounds, providing a more efficient and intuitive solution for user switching.

At this time, I cannot think of any feature within Okta that can support your use case, at least not by design. In general, the user would need to authenticate themselves and there is no way for another user to impersonate them.

CC @tanishkumar

Could you kindly request your team to consider integrating a masquerading feature?

This addition would be highly valued. Currently, if user switching isn’t supported, I believe it’s a valuable functionality that Okta should include. This feature could greatly assist administrators in aiding team members, providing support, and identifying issues in employee profiles.

While maintaining authentication as the primary focus, Okta could potentially implement authentication during the masquerading process.
The key request is to introduce a masquerading functionality for enhanced user support and management within the Okta system. Your support in this matter would be much appreciated.

I believe you may have just opened a request for this on our Okta Ideas site, which would be the correct procedure for this. Our Product team will review these Idea submissions and prioritize them based on demand.

For any other Okta Admins that finds this thread and is looking for this functionality, you can help increase the visibility of this request by voting on it here:

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.