To support SSO the Linkage features needs to support pass through of Username & Password?

Options
acarr0
acarr0
Community Member
in 1Password in the Browser

I have found the "Link Existing" feature to be very useful in managing SSO credentials that can be used by many sites in a domain.

The only shortcoming is that it does seem to not support the Browser extension to auto-fill the Username and Password.

The way I have this setup is to create a single "Login" item that contains the Username and Password for a given SAML SSO domain.

I then created a number of "Login" items that only contained the URL to a given site and I linked that "Login" item to the one that contains the Username and Password for the SSO domain.

For example:

I first create a "Login" item called "abc.com credentials" contains the Username and Password that I need to use on all sites in the abc.com domain.

Next I create "Login" items for the following that only store the URL and aree linked to the Login item called "abc.com credentials".
https://server1.abc.com
https://server2.abc.com
https://server3.abc.com

If I then select the Login item for "server1.abc.com" and click "Open and Fill" the URL is opened in my browser but the Username and Password are not filled in.

It would be preferable if the Username and Password could be passed through from "abc.com credentials" in the above case.

The use case here is that I have about 50 systems that are all in the same domain and use the same credentials. Only the hostname differs. When I change my SSO password for this domain I then need to update all 50 Login items that use those credentials. What a mess!

Please consider implementation of this feature. When I search for SSO on this site I see that there is a lot of interest.

Thank you,
A. Carr

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Referrer: forum-search:SSO

Comments

  • Nhat_Nguyen
    Nhat_Nguyen
    Options

    Hello @acarr0,

    Thank you for reaching out to us. From your description, I assume you have the same username and password for all login items to the "abc.com" domain? If that is the case, I am not sure why you have to go through the steps to create multiple items with only a link?

    For more information, whenever you are on a URL, 1Password will strip all subdomains and suggest items have the main domain, so when you go to "https://server1.abc.com" for example, 1Password should show you "abc.com" login item.

  • acarr0
    acarr0
    Community Member
    Options

    No, the username and password are not identical for all login items in the "abc.com" domain. There are actually three different sets of credentials that could be in effect depending upon the Active Directory server that being used.

    In addition, I find it very useful to keep track of the many systems involved (almost 50) by creating a separate Login item for each. That way I only have one place to look for the system and the credentials needed to access it.

  • kevin.li
    kevin.li
    Options

    Hi @acarr0.

    Thanks for getting back to us.

    We have an existing feature request to find a better solution for users in SSO situations. So I've added your voice to the list, and our development team will investigate it further.

    I appreciate your valuable feedback and your time to help us improve 1Password.

    ref: IDEA-I-412

This discussion has been closed.