When debugging an embed user’s experience, the most reliable approach is to log in as the user using your external application. A secondary approach is regenerating their session via the Embed URL Builder.
Impersonate/View As reflect whatever was persisted the last time that user logged in — if their access has changed since then, or you’re testing a scenario that hasn’t happened yet, impersonation can show stale results. Building the embed URL directly forces a fresh login and guarantees you’re seeing current, live access.
Important Before You Start
Each embed URL load is a full replacement — not a patch. Every time an externalId loads, all their userAttributes, connectionRoles, etc. get overwritten. Using the real user’s ID risks corrupting their session state if you are running tests.
To simulate their embed session without impacting their user profile, Don’t use the real user’s externalId. Use a clearly marked test one instead — something like debug-admin or test-<your-name>.
Also: use a private/incognito window. Embed sessions run on browser cookies. Loading an impersonation session in a regular window can conflict with your existing Omni session. Incognito gives you a clean, isolated context every time.
Step 1 — Find the User’s Embed URL
You need the actual Omni embed session URL that your backend generates for this user — not their browser URL.
Two URLs, easy to mix up:
- Your app’s URL — e.g.
https://app.yourproduct.com/analytics— this is your own frontend. Not what you want.- The Omni embed URL — this is what your backend signs and injects into the iframe
src. It looks like:
https://<your-org>.embed-omniapp.co/embed/login?...- Or your custom vanity domain:
https://analytics.yourproduct.com/embed/login?...Check your backend embed URL generation code or server logs to find this. It’s the signed URL with all the parameters in the query string.
You can also find recent embed users in Settings > Users > Embed, which shows each user’s externalId and last login — helpful for confirming which user you’re looking at.
Step 2 — Copy Their Parameters
From the URL, pull out all the parameters. You’re looking for parameters like:
| Parameter | What it controls |
|---|---|
contentPath |
The dashboard or page they were viewing |
externalId |
Their unique ID (swap in your test one) |
name |
Display name |
email |
Optional, but include if they receive scheduled deliveries |
userAttributes |
Their user attribute values as a JSON object |
connectionRoles |
Their access level per connection — always include this, omitting it can cause unexpected access changes |
Step 3 — Build the URL
Go to Settings > Embed > URL Builder. Paste in everything from Step 2, substituting your test externalId. The builder generates the nonce and signature for you. Hit generate.
Step 4 — Load in Incognito
Open the URL in a private/incognito window. This ensures a clean session with no cookie interference from your own account.
You’re now viewing Omni exactly as that embed user would — same attributes, same connection roles, same content path.
Tab Hygiene
Close your incognito window when you’re done. Opening a new session doesn’t invalidate old tabs. If you’re debugging multiple users, use a fresh incognito window for each one to avoid accidentally viewing the wrong user’s data.