Hi everyone!
Today we're releasing a new version of Team Password Manager, 9.125.225, with two major new features: SAML Single Sign-On Authentication and a browser extension backend to support a new extension update (3.15.10).
SAML Authentication
As you probably know, Security Assertion Markup Language (SAML) is a standard for exchanging authentication and authorization information between an Identity Provider, such as OneLogin, G Suite or Azure, and a Service Provider, in this case Team Password Manager. SAML also allows web browser Single Sign-on (SSO), which basically allows a user to only authenticate against one Identity Provider and automatically be able to log in to many Service Providers. So, for instance, you could have all your users authenticate only once in G Suite or Azure and be able to use other apps, like Team Password Manager, without having to authenticate again.
We've also made it easy to provision users using LDAP but authenticate using SAML.
Please read our SAML documentation for all the details.
New Browser Extension Version: 3.15.10
We've also released a new version of our browser extension, 3.15.10, that doesn't use the API to work with Team Password Manager. This new version of the extension connects to Team Password Manager using the same browser session that the user initiates when logging in. To be able to support this new extension version we've had to develop an extension backend inside Team Password Manager. Basically what the API does, but specifically tailored to the extension.
This has many advantages:
- Works with any authentication mechanism: normal authentication, two-factor authentication, LDAP and SAML.
- Connects the extension automatically, and also disconnects it automatically when the user logs out.
- Logs extension actions, instead of API ones. So you'll be able to distinguish them easily filtering the Origin field of the log.
- It's a bit quicker, as it doesn't have to authenticate on each request.
- It's easier to install and operate as you don't have to worry about API access.
- Centralizes extension management. Currently the two extension options are saved in Team Password Manager. In the future we plan to add more functionality this way: enable/disable, exclude websites, etc.
We've still kept the old way of connecting that uses the API, as we understand that not everyone will update Team Password Manager right away. We consider it a deprecated way of connecting and it will eventually be removed. We'll warn in advance when we plan to do this.
There are a couple of things more in this release, please check the v. 9.125.225 change log to review all the changes in this version.
As always, we'd like to thank everyone who has contributed by suggesting new features or reporting bugs.