New in Symfony 6.4: Impersonation Utilities

User impersonation is a popular Symfony security feature that allows you to log in in the application as another user without knowing their credentials. It's mostly useful to debug issues reported by your customers that you can't reproduce with your own user.

Symfony provides some Twig functions to ease working with user impersonation: impersonation_exit_path() and impersonation_exit_url(). These functions generate the relative and absolute URL that you need to browse to exit or stop the impersonation and return back to your own user.

In Symfony 6.4 we're adding new Twig functions related to impersonation. They are called impersonation_path() and impersonation_url() and they generate the relative/absolute URL needed to impersonate a user:

Using these functions is more future-proof than generating the paths/URLs manually, because the query string parameter included in them is a "magic string" that is configurable in the application.