Saturday, June 29, 2024
support@conference.yunohost.org

[20:13:23] <Jeff> Happy Saturday everyone 🍻
[22:28:42] <Kavelach> Hi folks! As a YH admin for an org, I want to be able to impersonate users to debug issues and see stuff as they see it. Right now I can only do that by asking for their password, which isn't ideal and I avoid it like the plague. But I was wondering if something like this would be easy to build into YH? I looked at the issue tracker and didn't see a report for this yet
[22:28:45] <Salamandar> uuuuuuuuuuh
[22:28:46] <Salamandar> you might want to ask them for the headers sent by their browser to get the session header
[22:28:49] <Salamandar> but uh…
[22:28:50] <Salamandar> not even sure it could work
[22:29:00] <Kavelach> Yeah, but this requires an interaction from the user, and also not every user would be able to do this without much guidance
[22:29:52] <Salamandar> yeah
[22:29:53] <Salamandar> TBH having a way to do that sounds like a recipe for disaster
[22:29:55] <Aleks (he/him/il/lui)> it's not straightforward at all that an impersonation mechanism can be done at all, at least not in the current state of the SSO, because some apps do require the actual user password to authenticate even through the sso
[22:31:19] <Kavelach> > <@Alekswag:matrix.org> it's not straightforward at all that an impersonation mechanism can be done at all, at least not in the current state of the SSO, because some apps do require the actual user password to authenticate even through the sso

yeah, that would be all right by me, as long as the apps that can be SSOd would work to be honest
[22:32:22] <Salamandar> > <@Alekswag:matrix.org> it's not straightforward at all that an impersonation mechanism can be done at all, at least not in the current state of the SSO, because some apps do require the actual user password to authenticate even through the sso

Maybe the SSO can be tricked via nginx? :D
[22:32:25] <Aleks (he/him/il/lui)> it's not the SSO that needs to be tricked, it's the apps themselves