diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7ab694e..8f7a84e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,8 @@
 ## [Unreleased]
 
 ### Added
+- Add impersonate flag to bearer token (#17)
+
 ### Fixed
 ### Changed
 ### Updated
diff --git a/acl/convert.go b/acl/convert.go
index d42aebd..3020f4d 100644
--- a/acl/convert.go
+++ b/acl/convert.go
@@ -427,6 +427,7 @@ func (bt *BearerTokenBody) ToGRPCMessage() grpc.Message {
 		m.SetOwnerId(bt.ownerID.ToGRPCMessage().(*refsGRPC.OwnerID))
 		m.SetLifetime(bt.lifetime.ToGRPCMessage().(*acl.BearerToken_Body_TokenLifetime))
 		m.SetEaclTable(bt.eacl.ToGRPCMessage().(*acl.EACLTable))
+		m.SetImpersonate(bt.impersonate)
 	}
 
 	return m
@@ -479,6 +480,8 @@ func (bt *BearerTokenBody) FromGRPCMessage(m grpc.Message) error {
 		err = bt.eacl.FromGRPCMessage(eacl)
 	}
 
+	bt.impersonate = v.GetAllowImpersonate()
+
 	return err
 }
 
diff --git a/acl/grpc/types.go b/acl/grpc/types.go
index e1e5336..b07f893 100644
--- a/acl/grpc/types.go
+++ b/acl/grpc/types.go
@@ -84,6 +84,11 @@ func (m *BearerToken_Body) SetLifetime(v *BearerToken_Body_TokenLifetime) {
 	m.Lifetime = v
 }
 
+// SetImpersonate allows impersonate.
+func (m *BearerToken_Body) SetImpersonate(v bool) {
+	m.AllowImpersonate = v
+}
+
 // SetBody sets bearer token body.
 func (m *BearerToken) SetBody(v *BearerToken_Body) {
 	m.Body = v
diff --git a/acl/grpc/types.pb.go b/acl/grpc/types.pb.go
index 3581b88..583f89a 100644
Binary files a/acl/grpc/types.pb.go and b/acl/grpc/types.pb.go differ
diff --git a/acl/marshal.go b/acl/marshal.go
index c56b90f..cd6c6dd 100644
--- a/acl/marshal.go
+++ b/acl/marshal.go
@@ -31,6 +31,7 @@ const (
 	bearerTokenBodyACLField      = 1
 	bearerTokenBodyOwnerField    = 2
 	bearerTokenBodyLifetimeField = 3
+	bearerTokenBodyImpersonate   = 4
 
 	bearerTokenBodyField      = 1
 	bearerTokenSignatureField = 2
@@ -251,7 +252,8 @@ func (bt *BearerTokenBody) StableMarshal(buf []byte) []byte {
 
 	offset += protoutil.NestedStructureMarshal(bearerTokenBodyACLField, buf[offset:], bt.eacl)
 	offset += protoutil.NestedStructureMarshal(bearerTokenBodyOwnerField, buf[offset:], bt.ownerID)
-	protoutil.NestedStructureMarshal(bearerTokenBodyLifetimeField, buf[offset:], bt.lifetime)
+	offset += protoutil.NestedStructureMarshal(bearerTokenBodyLifetimeField, buf[offset:], bt.lifetime)
+	protoutil.BoolMarshal(bearerTokenBodyImpersonate, buf[offset:], bt.impersonate)
 
 	return buf
 }
@@ -264,6 +266,7 @@ func (bt *BearerTokenBody) StableSize() (size int) {
 	size += protoutil.NestedStructureSize(bearerTokenBodyACLField, bt.eacl)
 	size += protoutil.NestedStructureSize(bearerTokenBodyOwnerField, bt.ownerID)
 	size += protoutil.NestedStructureSize(bearerTokenBodyLifetimeField, bt.lifetime)
+	size += protoutil.BoolSize(bearerTokenBodyImpersonate, bt.impersonate)
 
 	return size
 }
diff --git a/acl/types.go b/acl/types.go
index 71d83ce..1524e7b 100644
--- a/acl/types.go
+++ b/acl/types.go
@@ -52,6 +52,8 @@ type BearerTokenBody struct {
 	ownerID *refs.OwnerID
 
 	lifetime *TokenLifetime
+
+	impersonate bool
 }
 
 type BearerToken struct {
@@ -340,6 +342,18 @@ func (bt *BearerTokenBody) SetLifetime(v *TokenLifetime) {
 	bt.lifetime = v
 }
 
+func (bt *BearerTokenBody) GetImpersonate() bool {
+	if bt != nil {
+		return bt.impersonate
+	}
+
+	return false
+}
+
+func (bt *BearerTokenBody) SetImpersonate(v bool) {
+	bt.impersonate = v
+}
+
 func (bt *BearerToken) GetBody() *BearerTokenBody {
 	if bt != nil {
 		return bt.body