Reveal the password of an app integration
The Password reveal feature allows end users to see the passwords of their app integrations. This is especially useful if end users need to reenter a long, complicated, and randomly-generated password into another device.
For this feature to to work:
- An admin must enable Password reveal for the particular app integration.
- The end user must have permissions to manage the app integration's password.
- This feature is not available for end users when any of the following sign-on options are selected:
- Administrator sets username and password
- Administrator sets username, password is the same as user's Okta password
- Users share a single username and password set by administrator
- For SWA app integrations using the Users share a single username and password set by administration option, only Super admins or App admins can view or change the password.
- Okta stores the end user's credentials in an encrypted format using strong encryption combined with a customer-specific private key. When end users click an application tile, Okta securely posts their credentials to the external application's login page over SSL and the user is signed in automatically.
- End users cannot reveal the password of an app integration configured with shared credentials.
- The revealed password disappears after one minute. To show the password again, click Reveal Password.
- If users have been logged in for longer than 15 minutes (or haven't clicked Reveal Password in longer than 15 minutes), they are prompted to reauthenticate with Okta. The password is revealed after reauthentication.
If this feature is enabled for the app integration, end users can do the following:
- From the End User Dashboard, select the Settings icon on the application tile for the app integration whose password you want to reveal. The settings options opens in the right pane.
- Select See Password . If you have the permissions to view the password, initially the Password field is masked.
- Click Reveal Password to display the password. End users can now copy the password and paste it into another device.