Stateless User Impersonation

In this short series we are investigating a new feature in Symfony 3.4, which is 'stateless user impersonation'.

The gist of this feature is to easily enable privileged users - typically site admins - to be able to behave as though they were really a different user.

This is a particularly useful ability when managing almost any site.

It's fairly common for site users to email in with problems affecting only their user profile. Maybe they are unsure how to add some essential details, or they see a particular error page that no other site users are reporting.

In these instances, being able to switch from your logged in Admin credentials to 'trick' Symfony into thinking you are a different user is very useful, particularly as you do not need to know the user's password in order to impersonate them.

This feature is already available inside Symfony. In fact, there's already a video explaining how to do this right here on

So, what's the difference here?

Well, these videos are all about impersonating users when using stateless authentication.

If you're working with a JSON API, and you are using JWT / JSON Web Tokens for example, the existing approach detailed above won't work for you. There is at least one third party bundle to provide this feature, but as of Symfony 3.4 we're getting this functionality built right into the framework.

And that's what we're going to cover here.

It's features like this that make me love Symfony more and more.


# Title Duration
1 Tutorial Setup - Getting Docker Up and Running 02:57
2 Impersonating Users on a JSON API (Without FOS User Bundle) 05:40
3 Impersonating Users on a JSON API (With FOS User Bundle) 03:40
4 Digging A Little Deeper 06:19

Code For This Course

Get the code for this course.

Presented By

Christopher Moss

Christopher Moss

Hi, I'm Chris and welcome to In this video you will learn about... :)