Is there a way to have like a super admin account that can impersonate or access a secured website/web api on behalf of another user?
Let's say I will login and get a valid token from Azure AD using an admin account, but that token contains info and claims as well as object Id of another user?