Reveal the password of an app integration

The Password reveal feature allows end users to see the passwords of their app integrations. This is especially useful if end users need to reenter a long, complicated, and randomly generated password into another device.

  • The following conditions are required:

    • An admin must enable Password reveal for the particular app integration.
    • The end user must have permissions to manage the app integration's password.
  • This feature isn't available for end users when any of the following sign-on options are selected:
    • Administrator sets username and password
    • Administrator sets username, password is the same as user's Okta password
    • Users share a single username and password set by administrator
  • For Secure Web Authentication (SWA) app integrations with Users share a single username and password set by administrator, only super admins or app admins can view or change the password.
  • Okta stores the end user's credentials in an encrypted format using strong encryption combined with a tenant-specific private key. When end users click an app tile, Okta securely posts their credentials to the external app's sign-in page over SSL and the user is signed in automatically.
  • End users can't reveal the password of an app integration that's configured with shared credentials.
  • The revealed password disappears after one minute. To show the password again, click Reveal Password.
  • If users have been signed in for longer than 15 minutes (or haven't clicked Reveal Password in longer than 15 minutes), they're prompted to reauthenticate with Okta. The password is revealed after reauthentication.

If this feature is enabled for the app integration, end users can do the following:

  1. From the End User Dashboard, select the Settings icon on the app tile for the app integration whose password you want to reveal. The settings option opens in the right pane.
  2. Select See Password . If you have the permissions to view the password, initially the Password field is masked.
  3. Click Reveal Password to display the password. End users can now copy the password and paste it into another device.