Sign up to save your podcasts
Or
Share 447: How to (not) implement impersonation
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
447: How to (not) implement impersonation
For developers, impersonation can be a powerful tool, but with great power comes great responsibility. In today’s episode, hosts Stephanie and Joël explore the complexities of implementing impersonation features in software development, giving you the ability to take over someone’s account and act as the user. They delve into the pros and cons of impersonation, from how it can help with debugging and customer support to its prime drawbacks regarding security and auditing issues. Discover why the need for impersonation is often a sign of poor admin tooling, alternative solutions to true impersonation, and the scenarios where impersonation might be the most pragmatic approach. You’ll also learn why they advocate for understanding the root problem and considering alternative solutions before implementing impersonation. Tune in today for a deep dive into impersonation and the best ways to use it (or not use it)!
Key Points From This Episode:
What’s new in Stephanie’s world: how Notion Calendar is helping her manage her schedule.
Joël’s quest to find a health plan: how he used a spreadsheet to compare his options.
A client request to build an impersonation feature, and why Joël has mixed feelings about it.
What an impersonation tool does: it allows you to take over someone’s account.
When it’s useful to use implementation as a feature, like for debugging and support.
Potential risks and responsibilities associated with impersonation.
Why the need for impersonation often indicates poor admin tooling.
Technical and security implications of impersonation.
Solutions for logging the audit trail when you’re doing impersonation.
Differentiating between the logged-in user and the user you’re rendering views for.
Building an app that isn’t as tightly coupled to the “current user.”
Suggested alternatives to true impersonation.
The value of cross-functional teams and collaborative problem-solving.
Links Mentioned in Today’s Episode:
Mailtrap
Notion Calendar
'Implementing Impersonation'
Sustainable Web Development with Ruby on Rails
The Bike Shed
Joël Quenneville on LinkedIn
Joël Quenneville on X
Support The Bike Shed
WorkOS
Support The Bike Shed
View all episodes
By thoughtbot
4.9
121121 ratings
For developers, impersonation can be a powerful tool, but with great power comes great responsibility. In today’s episode, hosts Stephanie and Joël explore the complexities of implementing impersonation features in software development, giving you the ability to take over someone’s account and act as the user. They delve into the pros and cons of impersonation, from how it can help with debugging and customer support to its prime drawbacks regarding security and auditing issues. Discover why the need for impersonation is often a sign of poor admin tooling, alternative solutions to true impersonation, and the scenarios where impersonation might be the most pragmatic approach. You’ll also learn why they advocate for understanding the root problem and considering alternative solutions before implementing impersonation. Tune in today for a deep dive into impersonation and the best ways to use it (or not use it)!
Key Points From This Episode:
What’s new in Stephanie’s world: how Notion Calendar is helping her manage her schedule.
Joël’s quest to find a health plan: how he used a spreadsheet to compare his options.
A client request to build an impersonation feature, and why Joël has mixed feelings about it.
What an impersonation tool does: it allows you to take over someone’s account.
When it’s useful to use implementation as a feature, like for debugging and support.
Potential risks and responsibilities associated with impersonation.
Why the need for impersonation often indicates poor admin tooling.
Technical and security implications of impersonation.
Solutions for logging the audit trail when you’re doing impersonation.
Differentiating between the logged-in user and the user you’re rendering views for.
Building an app that isn’t as tightly coupled to the “current user.”
Suggested alternatives to true impersonation.
The value of cross-functional teams and collaborative problem-solving.
Links Mentioned in Today’s Episode:
Mailtrap
Notion Calendar
'Implementing Impersonation'
Sustainable Web Development with Ruby on Rails
The Bike Shed
Joël Quenneville on LinkedIn
Joël Quenneville on X
Support The Bike Shed
WorkOS
Support The Bike Shed
More shows like The Bike Shed
View all
Radiolab
43,992 Listeners
Planet Money
30,808 Listeners
Marketplace
8,767 Listeners
Tentative
9 Listeners
The Changelog: Software Development, Open Source
288 Listeners
Giant Robots Smashing Into Other Giant Robots
88 Listeners
Build Phase
44 Listeners
Ruby Rogues
45 Listeners
Software Engineering Daily
625 Listeners
Soft Skills Engineering
289 Listeners
Syntax - Tasty Web Development Treats
989 Listeners
REWORK
210 Listeners
Crossroads
2 Listeners
Remote Ruby
34 Listeners
Reboot
12 Listeners
Hard Fork
5,527 Listeners
Shell Game
1,123 Listeners
Complex Systems with Patrick McKenzie (patio11)
134 Listeners
The Pragmatic Engineer
71 Listeners
Rails Business
0 Listeners