I'm working on an application where I'll need to help users with certain tasks as part of my customer service. Rather than build a separate admin interface, I'd prefer to have the ability to impersonate users to use the app for them.
Is this something that Firebase can do?
Yes!
admin.initializeApp({
credential: admin.credential.cert(service_account_json),
})
const userId = "[impersonating user uid string]"
const token = await admin.auth().createCustomToken(userId)
const token = "[token string obtained in step 2]"
firebase.auth().signInWithCustomToken(token)
Done! You're now impersonating selected user.
For obvious security reasons the backend endpoint, like Google Cloud Function should require authentication and verify if user requesting custom token is actually a privileged user (admin), to avoid situation where any authenticated user is able to impersonate anyone.