Impersonation is allows a entity to log into a client application under a different Digital Identity.

Impersonation may also extend to accessing Protected Resources (web APIs) as the impersonated identity and using their permissions.

Microsoft Active Directory allows Impersonation using an Impersonation Token

Some Authentication Methods support Impersonation by issuing Identity Tokens or Access Tokens and Refresh Tokens with a sub that differs from the currently logged-in user.

More Information#

There might be more information for this subject on one of the following: