Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
1
-
Description
We don't have enough logging in place when an org admin impersonates / logs in as another user.
Below are the areas of improvement:
- When an admin logs out as another user then this is not audited or logged in the audit logs.
- Having a tag (impersonated by <admin>) in the product logs when product configurations are updated
- We should have logs to track activities performed by the admin who impersonated another user.