Impersonating a User

User impersonation is a security feature that allows one user to temporarily act under the permissions of another user (usually a privileged user) within the same session. This enables controlled execution of privileged actions without permanently granting elevated access, and all actions are audited as performed by the impersonated user.

To impersonate a user:

  1. Login to the server as the proxy user, USER1.

  2. To change the user execution to privileged user, USER2, run the following command:

    EXECUTE AS USER = 'USER2'

  3. Perform the protect/unprotect functionality on the data using a data element.

  4. Disconnect the current session and initiate the session as USER1.

    Similarly, the EXEC AS statement enables impersonation of a privileged user to perform operations according to the user’s assigned privileges.

    Note:

    • User impersonation settings apply only to the current session.
    • If a proxy user impersonates a privileged user and performs any operation, then entries in the Audit logs are displayed as performed by the privileged user, and not the proxy user.

Last modified : May 21, 2026