Share Okta credentials cross accounts #740

Open
wants to merge 2 commits into
base: master

@tommywo tommywo commented Oct 23, 2021

Allow splitting the Okta login URL into url and app_id so the user can log in once to Okta and then use the same session to access different accounts, similar to how they can in the browser.

Configuration example:

```
[account-a]
app_id           = /app/example/AAAAAAA/sso/saml
url              = https://example.okta.com
provider         = Okta
(...)

[account-b]
app_id           = /app/example/BBBBBBB/sso/saml
url              = https://example.okta.com
provider         = Okta
(...)
```

The change from SecClassInternetPassword to SecClassGenericPassword is because on the first login saml2aws would first save the Okta session cookie to the keychain and then delete it while saving the password. It also returned the token instead of the password. This doesn't happen for me with SecClassGenericPassword.

I tested the change combined with pull request #722 and the fixes from issue #714
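
A sketch of how the split settings could be resolved so that both profiles map to one cached Okta session, as an added example that is not part of the pull request or of saml2aws; `Profile` and `Resolve` are hypothetical names, and the validation rules (https only, `app_id` restricted to a same-host `/app/` path) are assumptions. It also accepts the legacy single-URL form, which goes beyond the configuration shown in the comment above.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// Profile holds the url and app_id settings; the type and Resolve are hypothetical, not saml2aws code.
type Profile struct{ URL, AppID string }

// Resolve returns the key a shared Okta session would be cached under
// (scheme and host only) and the SAML login URL for this profile.
func Resolve(p Profile) (credKey, loginURL string, err error) {
	base, err := url.Parse(p.URL)
	if err != nil {
		return "", "", err
	}
	if base.Scheme != "https" || base.Host == "" || base.User != nil {
		return "", "", errors.New("url must be https://host without userinfo")
	}
	path := base.Path // legacy form: the whole app link lives in url
	if p.AppID != "" {
		if base.Path != "" && base.Path != "/" {
			return "", "", errors.New("url must not carry a path when app_id is set")
		}
		ref, err := url.Parse(p.AppID)
		if err != nil {
			return "", "", err
		}
		// app_id may only select a path; a host here would send the cached session elsewhere.
		if ref.Scheme != "" || ref.Host != "" || ref.User != nil || ref.RawQuery != "" {
			return "", "", errors.New("app_id must be a plain path")
		}
		path = ref.Path
	}
	if !strings.HasPrefix(path, "/app/") || strings.Contains(path, "..") || strings.Contains(path, `\`) {
		return "", "", errors.New("app path must start with /app/ and contain no traversal")
	}
	credKey = "https://" + strings.ToLower(base.Host)
	return credKey, credKey + path, nil
}

func main() {
	for _, id := range []string{"AAAAAAA", "BBBBBBB"} {
		fmt.Println(Resolve(Profile{"https://example.okta.com", "/app/example/" + id + "/sso/saml"}))
	}
}
```

Keying the stored session on scheme and host alone is what lets `account-a` and `account-b` reuse one login, which is why the example refuses any `app_id` that could change the origin.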

Author

tommywo commented Nov 16, 2021

@wolfeidau What do you think about this pull request?

@wolfeidau
Contributor

@tommywo changing the sec class would be a breaking change as keychain doesn't really handle this well...

We need to come up with a way to enable this without breaking existing users.

@briantist
Contributor

This would be a really great feature for us too, I hope to see it accepted!
