Impersonation is when ASP.NET executes code in the context of an authenticated and authorized client. By default, ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account. There are 5 below steps by which we can establish Impersonation configuration in our secured application environment. 1.) Creation of Application/Proxy user where Application is hosted. 2.) Give appropriate access to the user. 3.) Create Database Login user on database. 4.) Authenticate User and provide credential on IIS. 5.) Then Configure web.config on Application.