Last updated

User Impersonation

As a System Admin, you can impersonate or make API calls on behalf of any user (even another System Admin) in your plan. You might, for example, impersonate a user to troubleshoot a user's problems or cover for a user who is sick or on vacation.

Steps

Call the API endpoint you want and include the following headers:

  • Assume-User: email address of the user

  • Authorization: Bearer API_TOKEN

    Important: If you're impersonating another System Admin, you must use one of that System Admin's tokens. Make sure to get a token from the user ahead of time.

The request executes as though sent by the user you're impersonating.

Examples

cURL example

curl https://api.smartsheet.com/2.0/sheets \
-H "Authorization: Bearer ll352u9jujauoqz4gstvsae05" \
-H "Assume-User: jane.doe%40smartsheet.com" \

NOTE: In a cURL command, you must URI-encode the email address you use as the Assume-User header value.

C# example

SmartsheetClient smartsheet = new SmartsheetBuilder()
.SetAccessToken(accessToken)
.SetAssumedUser("jane.doe@smartsheet.com")
.Build();

Java example

smartsheet.setAssumedUser("jane.doe@smartsheet.com");

Node.js example

// Set options
var options = {
assumeUser: "jane.doe@smartsheet.com"
};

// List Sheets
smartsheet.sheets.listSheets(options)
.then(function(sheetList) {
    console.log(sheetList);
})
.catch(function(error) {
    console.log(error);
});

Python example

smartsheet_client.assume_user("jane.doe@smartsheet.com")

Ruby example

smartsheet.sheets.list(
header_override: {:'Assume-User' => CGI::escape('jane.doe@smartsheet.com')}
)