With impersonation, you can allow users or user groups to act on behalf of other users or user groups and see the website through their eyes.

They can then log in to frontend with their regular extranet login, and select a user to impersonate (Figure 1.1).

Figure 1.1 The user who impersonates someone will be able to select whom to impersonate when logging in

Impersonation settings can be set on both individual users and at a group level, by clicking the Impersonation button in the ribbon bar.

This will launch a window (Figure 2.1) where you can select:

  • Which users and user groups are available to impersonate
  • Which users and user groups can impersonate this user or user group
Figure 2.1 Selecting who can impersonate whom is done from the impersonation window

If you cannot find the Impersonation button, try saving the user first.

In Dynamicweb, there are two impersonation modes:

  • Only orders (actions on behalf of the impersonated user)
  • Full impersonation (the current user is replaced with the impersonated user)

You can switch between the modes using the impersonation settings.

Since the global tags varies with the two impersonation modes, you may want to differentiate sections in your templates (for instance, if you have a paragraph with "X is now impersonating Y".

To do this, you can use the Global:Extranet.ImpersonationMode tag and create an if/else statement where the CurrentUser tags and SecondaryUser tags are switched.

Selecting the "Only tag orders with impersonating user" setting enables the Only orders mode. When a user impersonates someone using this mode, orders they create are then placed on behalf of the impersonated user.

The following rules exists for this mode:

  • Permissions (for pages etc.) are based on the impersonated user
  • Orders are tagged with the impersonated user (Figure 4.1)
  • Prices are based on the impersonator
  • Forum posts are placed by the impersonator


Selecting the "Replace current user with impersonated user" enables the Full impersonation mode. This mode basically switches the impersonator's and the impersonated user's IDs (CurrentUser tags are switched with the SecondaryUser tags). The impersonator can now act completely and directly on behalf of the impersonated user.

The following rules exists for this mode:

  • Permissions (for pages etc.) are based on the impersonated user
  • Orders are not tagged, but placed directly by the impersonated user
  • Prices are based on the impersonated user
  • Forum posts are placed by the impersonated user

When using Full Impersonation mode, you can check Use impersonator for permissions setting. This ensures that permissions are based on the impersonator. Otherwise, the rules are the same for the Full impersonation mode.

Remember to change your templates in order to support impersonation.

For instance, you can add an impersonation profile selector using the DWExtranetSecondaryUsers loop, as in the following example:

<select id="DWExtranetSecondaryUserSelector" name="DWExtranetSecondaryUserSelector"> @foreach (LoopItem i in GetLoop("DWExtranetSecondaryUsers")) { var userId = @i.GetValue("UserID"); <option value="@userId ">@i.GetValue("UserName")</option> } </select>

The user should also be able to stop impersonation again. For this, you can insert a button using the following name (works for both impersonation modes):

<input type="submit" name="DwExtranetRemoveSecondaryUser" id="DwExtranetRemoveSecondaryUser" value="Stop impersonation">

If the list of available users/user groups in frontend doesn't match updated changes in the backend, try logging out of the frontend and then log in again.

Impersonation allows users to make orders on behalf of other users. In the order list for the user, it would be useful to see which users submitted orders on behalf of other users.

Therefore, you can edit the order list template and create two columns:

  • An "Order created by" column with a header using the Ecom:CustomerCenter.CustomerAccessUserUserName tag
  • An "On behalf of" column with a header using the Ecom:CustomerCenter.SecondaryUserName tag

For each tag, corresponding sorting tags are also available as shown below.

Column headers:

<td nowrap>Created by @GetValue("Ecom:CustomerCenter.SortByCustomerAccessUserUserName.Desc") @GetValue("Ecom:CustomerCenter.SortByCustomerAccessUserUserName.Asc") </td> <td nowrap>On behalf of @GetValue("Ecom:CustomerCenter.SortBySecondaryUserName.Desc") @GetValue("Ecom:CustomerCenter.SortBySecondaryUserName.Asc") </td>

Now, to render the data for the columns, you must use the Orders loop. Inside this loop, use the:

  • Ecom:Order.Customer.AccessUserUserName for the data in the "Order created by" column
  • Ecom:Order.CustomerSecondaryUserName tag for the data in the "On behalf of" column


<td nowrap> @GetValue("Ecom:Order.Customer.AccessUserUserName") </td> <td nowrap> @GetValue("Ecom:Order.Customer.SecondaryUserName") </td>

These examples are based on the Order only mode (the default mode). If you're using the Full impersonation mode, remember to switch the AccessUserUserName and SecondaryUserName tags around.


These are the tables relevant for Impersonation in the Dynamicweb database:


Contains AccessUserId of users (AccessUserSecondaryRelationUserID) who can log in on behalf of other users (AccessUserSecondaryRelationSecondaryUserId) (i.e. Impersonate them).

Field name Data type Length
AccessUserSecondaryRelationUserId int 4
AccessUserSecondaryRelationSecondaryUserId int 4
AccessUserSecondaryRelationAutoId int 4