Ideas

The common scenario is to allow sales or customer service to see the site as the customer sees it and to be able to place orders as the customer.

One solution is to add ImpersonatorUserId-attribute on the securitytoken the same way as it is done in .net boilerplate, see: https://aspnetboilerplate.com/Pages/Documents/Abp-Session