Creating Applications with Password Vaults

When creating an application, Administrators can configure a Password Vault as an SSO option.

Once the Details are provided, navigate to the SSO tab. In the Type dropdown menu, select ‘Password Vault’.

Let’s review each field that can be configured, and the options included.

The first dropdown menu is to designate the Username Format, and contains the following options:

If ‘Domain\username’ or \Domain/username’ is selected, please provide the appropriate Domain in the next field. This domain will be included in the Username credential for this application.

The next dropdown will designate the source attribute for the Username credentials. There are a wide variety of options available, as seen below:

For Reference:

To ensure the correct Username field is selected, please refer to the list below for the specific attributes referenced in the GAL:

• AD Username: idautoPersonSAMAccountName

• Usernames: idautoPersonUserNameMV

• State ID: idautoPersonStateID

Please Note:

If your district is populating multiple values into the Usernames/idautoPersonUserNameMV field, it is highly recommended to avoid selecting this attribute for Username. Utilizing the AD Username or Email attribute will provide a specific value ensuring successful login for the Password Vault.

The last dropdown menu will designate the attribute used for the Password credentials in the app.

Once all of the fields have been configured, click the Save button at the bottom of the screen. To revisit these selections, an Administrator can view and edit the Details of the application.

IMPORTANT:

As a final step in the Application Creation process, the application must be assigned to Personas to be visible in the GO! View. For more details on this process, please review this article: Configuring RapidIdentity GO! View

Additional Notes Regarding Configuration and Functionality:

• Websites with an additional captcha step in their authentication workflow will function as a Password Vault, but the User will have to interact with it.

• Websites with NTLM authentication will successfully pass credentials into a Password Vault, but the credentials cannot be captured if User Provided.

• Multi-Page Login Forms: Currently, we do not support websites with multi-page login forms.

• Third Input Fields: If a website’s login form includes a third input field (beyond username and password), our extension does not handle that case.

• Immediate Closure of Webpages: If a user enters credentials and logs in, but the webpage is closed immediately afterward, the credentials will not be updated on the server.