Supplier Impersonation (Buyer Login As Supplier)
Source file: 2026-06-09-user-manual-supplier-impersonation.html
User Manual
| Field | Value |
|---|---|
| Document Type | User Manual |
| Portal | GRINEA – Supplier Portal |
| Module | Supplier Impersonation (Buyer Login As Supplier) |
| Version Number | 1.0 |
| Document Date | June 9, 2026 |
| Prepared by | Christian Canlubo |
Version History
| Version Number | Version Details | Author | Date Published |
|---|---|---|---|
| 1.0 | Initial Version | Christian Canlubo | June 9, 2026 |
1.0 Introduction
This manual covers the Supplier Impersonation (Buyer Login As Supplier) module of the GRINEA Internal Operations Portal. It documents how a Buyer requests access to a supplier's Supplier Portal account from the Supplier Management module, how a Supplier User approves that request, and how the Buyer operates within the resulting session with full, unrestricted access to all Supplier Portal functions.
1.1 Purpose of the Document
This manual documents the operating procedures, workflow steps, access rules, and system behaviors of the Supplier Impersonation (Buyer Login As Supplier) module in the GRINEA Internal Operations Portal. It is the primary reference for Buyers who need to request and use Supplier Portal access, and for Supplier Users who need to approve, monitor, or revoke that access.
The Supplier Impersonation module sits within the Supplier Management area of the Frontoffice portal. It allows a Buyer to submit an access request to a specific supplier from that supplier's profile page, which a Supplier User can approve via a token-based email link. Once approved, any Buyer can enter the Supplier Portal on behalf of that supplier using the "Log in as Supplier" button without a login screen. Once inside, the Buyer has full, unrestricted access to every Supplier Portal module and can perform all actions a Supplier User can perform. Access persists until a Supplier User revokes it from the Company Profile.
This manual enables Buyers and Supplier Users to complete all module actions independently, from submitting and approving access requests to entering, using, and exiting a Supplier Portal session. This document complements, but does not replace, organizational policies and procedures. Users experiencing platform issues should contact the system administrator.
1.2 Scope of the Document
This document covers the Supplier Impersonation (Buyer Login As Supplier) module located within the Supplier Management area of the GRINEA Internal Operations Portal. Specifically, this document covers:
- Navigating to a supplier's profile page from the Supplier Management module to initiate an access request
- Submitting a Buyer access request against a supplier profile
- Supplier User receipt of the access request notification email and approval via the token-based link
- Access states (Pending, Accessible, and Inaccessible) and how access transitions between them
- Entering the Supplier Portal as a Buyer and accessing all available Supplier Portal modules
- Exiting the session voluntarily using the "Exit Supplier View" control
- Supplier User revocation of Buyer access and its effect on any active session
- Session expiry and how to resume access after a session ends
- Visual indicators on the Supplier Management list and Supplier Portal Company Profile related to access state
The following areas are out of scope for this document:
- Creation and management of Purchase Requisitions: covered in the Purchase Requisitions User Manual
- RFQ creation, publication, and lifecycle management, including Quotation Comparison: covered in the Request for Quotations User Manual
- Supplier profile creation and onboarding: covered in the Supplier Management User Manual
- Approval chain configuration and RBAC permission management: covered in the RBAC and Access Control User Manual
1.3 Intended Audience
Buyer (Purchasing Specialist)
Initiates access requests from the Supplier Management module and operates within the Supplier Portal on behalf of the approved supplier with full access to all Supplier Portal functions.
Supplier User
Receives access request emails, approves or revokes Buyer access, and manages access status from the Supplier Portal Company Profile.
2.0 Module Overview
2.1 Description
The Supplier Impersonation (Buyer Login As Supplier) module sits within the Supplier Management area of the GRINEA Internal Operations Portal. A Buyer initiates an access request from a supplier's profile page inside the Supplier Management module. There is no separate entry point for this feature — the entire flow begins and is managed from Supplier Management.
When a Buyer submits an access request, the platform creates an access record in Pending status and sends an approval email to the selected Supplier Users. When a Supplier User approves the request, the access transitions to Accessible status and the Buyer may enter the Supplier Portal.
Once inside the Supplier Portal, the Buyer has full, unrestricted access to every module and action available to the Supplier User. There are no feature limitations tied to this access mode — the Buyer can use the Dashboard, Request for Quotations, Orders, Materials and Services, Company Profile, and any other available section just as the supplier would.
2.2 Key Features and Functionalities
2.2.1 Buyer Access Request
Accessible from the Supplier Profile page within the Supplier Management module in the Frontoffice. The "Request Supplier Access" button is shown only to Buyers with no active Pending or Accessible access for that supplier. Clicking opens a modal to select one or more Supplier User recipients and submit the request.
- Recipient list includes all Supplier Users for that supplier, including those who have not yet set up their accounts
- On submission: access record created in Pending status; approval email sent to each selected recipient
- Button disabled for 5 minutes after a successful submission
[Screenshot: Request Supplier Access Modal]
2.2.2 Access Approval (Supplier-Side)
When a Buyer submits an access request, each selected Supplier User receives an email from the platform. The email contains a single-use "Grant Buyer Access" button that is valid for 24 hours. The email is sent in the recipient's preferred language (English or Polish). Emails are delivered to all selected Supplier Users regardless of whether they have set up their accounts.
When a Supplier User clicks the button in the email, the platform validates the link. The link must not have expired and must not have been used before. On successful approval, the access status transitions from Pending to Accessible and the approving user and approval time are recorded.
The confirmation page is accessible without requiring the Supplier User to be logged in and displays in one of two states:
- State A: The approving user has an active account. The page is text-only and view-only.
- State B: The approving user has not yet set up their account. The page shows informational text and an "Activate my Account" button. Buyer access is granted regardless of whether the Supplier User completes account setup.
Once access is approved, a confirmation email is sent to all originally selected Supplier Users identifying who approved the access ("Authorized by: [email]"). Used or expired links show a corresponding page with no change to the access status.
[Screenshot: Access Approval Confirmation Page — State A (active account) and State B (account not yet set up)]
2.2.3 Impersonation Session
When access is Accessible, the Supplier Profile shows a "Log in as Supplier" button. Clicking it opens the Supplier Portal in a new browser tab with no login screen. The Frontoffice session remains active in its own tab.
- The Buyer has full, unrestricted access to every Supplier Portal module: Dashboard, Request for Quotations, Orders, Materials and Services, Company Profile, Notifications, and any other section available to the Supplier User. There are no feature limitations in this mode.
- A persistent orange banner shows the Supplier Profile name, a logging disclaimer, and an "Exit Supplier View" button throughout the session
- All session actions are logged with the Buyer's identity
- Only one active supplier session per Buyer browser; starting a new one ends the previous
[Screenshot: Impersonation Session — Orange Banner Displayed Throughout the Session]
2.2.4 Session Exit and Expiry
Click "Exit Supplier View" in the orange banner to exit. A confirmation modal appears — confirming closes the Supplier Portal tab and ends all parallel tabs for the same session. Exiting does not remove the supplier's approval; the Buyer can re-enter by clicking "Log in as Supplier" again without submitting a new request.
Sessions expire after 12 hours. When expired, the Supplier Portal shows a session expired message and the Buyer must click "Log in as Supplier" again to resume.
[Screenshot: Exit Supplier View — Confirmation Modal]
2.2.5 Access Revocation (Supplier-Side)
Any active Supplier User associated with the supplier may revoke the Buyer's access at any time from the Supplier Portal Company Profile page. When the Supplier Profile is in Accessible status, the Company Profile displays a green banner with the title "Buyer Access Granted" and the message: "You have approved Buyer access for GRINEA to act on your behalf. You may revoke this access at any time from your Company Profile." This banner is view-only and contains no interactive controls. A "Revoke Buyer Access" button is displayed separately on the Company Profile page.
Clicking "Revoke Buyer Access" opens a confirmation modal. On confirmation, access transitions to Inaccessible, any active Buyer session is ended immediately, and the Buyer sees a dedicated revoked-access page. The button is removed and a success confirmation is displayed. To regain access, the Buyer must submit a new request.
[Screenshot: Revoke Buyer Access — Company Profile Page]
2.2.6 Access Status Badge on the Supplier Management List
The Supplier Management list includes a visual badge on each supplier row to show whether Buyer access has been granted for that supplier. The badge provides at-a-glance visibility without requiring the Buyer to open the supplier's profile.
- Suppliers with Accessible status display the badge; suppliers without granted access display no badge
- The badge does not affect existing table layout, sorting, or pagination behavior
2.3 Status Lifecycle
Once access is Accessible, it is shared across all Buyers for that supplier.
| Status | Description |
|---|---|
PENDING | A Buyer has submitted a request. The approval email has been sent and the Buyer does not yet have access. Remains Pending until a Supplier User approves or the 24-hour link expires. |
ACCESSIBLE | A Supplier User approved the request. Any Buyer can now enter the Supplier Portal via "Log in as Supplier". Remains Accessible until revoked. |
INACCESSIBLE | A Supplier User revoked access or request has not been initiated. Any active Buyer session ends immediately. A new request and approval are required to regain access. |
2.4 Access Request and Approval Flow
A Buyer submits a request and a Supplier User approves it via email. The steps below cover the full flow.
3.0 Error Handling and Troubleshooting
Issues that persist after following the steps below should be escalated to the system administrator.
| Scenario | What to Do |
|---|---|
| "Request Supplier Access" button is disabled or the submission does not go through | No new request needed — the Supplier User already received the approval email. Submit a new request only if the 24-hour approval link has expired. The button will be available 5 minutes after being triggered. |
| Supplier User clicks the approval link and sees an "Access Already Granted" page | No action needed. The Buyer already has access. |
| Supplier User clicks the approval link and sees an expired-link page | The Buyer must submit a new access request. A new approval email will be sent. |
| Buyer is shown a revoked-access page mid-session | A Supplier User revoked access while the session was active. Exit the Supplier Portal and submit a new request to regain access. |
| Opening a second Supplier Portal session terminates the first unexpectedly | By design — only one active supplier session is allowed per Buyer browser. Complete all actions for one supplier before switching. |
4.0 Frequently Asked Questions
| Question | Answer |
|---|---|
| Where do I go to request access to a supplier's Supplier Portal account? | Go to the Supplier Management module in the Frontoffice, open the relevant supplier's profile page, and click "Request Supplier Access". This is the only entry point for initiating the access request. |
| Can multiple Buyers access the same Supplier Portal at the same time? | Yes. Once approved, the access is shared across all Buyers. Any Buyer can use "Log in as Supplier" without submitting a separate request. |
| Can I perform Frontoffice actions while in a Supplier Portal session? | No. Only supplier-level actions are available in the session. The Frontoffice session stays open in a separate tab. |
| How long does a supplier approval last? | Approvals do not expire automatically. Any active Supplier User can revoke at any time from the Company Profile, which immediately ends any active session. |
| Will the Supplier User see what I do during the session? | All session actions are logged with the Buyer's identity. A green banner on the Supplier Portal Company Profile shows that Buyer access is permitted. |
| What happens when my session expires? | Sessions expire after 12 hours. Click "Log in as Supplier" again to resume. |
| Does clicking "Exit Supplier View" revoke the approval? | No. Exiting ends the session only — the approval remains. Click "Log in as Supplier" again to re-enter. Only a Supplier User can revoke access. |