Testimonials
What our customers say about Team Password Manager

External Sharing of Passwords

Current Team Password Manager version: 12.160.277

External sharing of passwords allows passwords to be viewed without signing in to Team Password Manager, using a special URL. It's a feature that needs to be enabled on a password basis, it's not enabled to all of the passwords by default. It's available since version 6.56.118, and optionally using a password and expiry date since version 7.93.204. This document explains all about external sharing.

Enable/Disable

External sharing of passwords is disabled by default. To enable it, go to "Settings" on the Top Menu, then "External Sharing" on the left sidebar, click on the "Enable External Sharing of Passwords" button and confirm. You can always disable this feature in the same setting.

After enabling external sharing you need to activate external sharing on each password you want to share (see how in the next section). If external sharing is disabled, no password can be shared externally.

How to share a password externally

To share a password externally, go to the password screen of the password you want to share and click on the dropdown on the "Locking" button to show the "Ext. Sharing" option:

External sharing button

Click on it and you'll see the external sharing configuration screen:

External sharing configuration screen

To share the password externally just check the "Share externally" checkbox and "Save". You'll be taken to the newly created "External Sharing" tab on the password where you'll be able to see the URL with which you can view the password externally. You'll also be able to notice the world link icon (External sharing icon) to symbolize that the password is now externally shared:

Externally shared password tab

You can now send this URL to anyone interested in the password but who cannot log into Team Password Manager. An externally shared looks like a regular password but without the Team Password Manager menus and buttons. It's only the password, so if you open the URL yourself you'll see a screen similar to this one:

Externally shared password

Using an expiry date

You can optionally expire the external sharing link using an expiry date. To do it, enter the expiry date on the external sharing configuration screen of the password:

Entering an expiry date into the external sharing configuration screen

Here's how you see the "External Sharing" tab with an expiry date:

External sharing tab with an expiry date

If the external sharing is expired, the URL will no longer be valid, returning a 404 (not found) error. Internally, the password will look like this: notice that the world icon is now different (has changed to External sharing expired icon) and the "External Sharing" tab shows the Expired label:

Expired externally shared password

Note that the externally shared URL doesn't change when an expiry date is set. It's always the same URL, with or without expiry date and expired or not.

Using a password to protect the external sharing

You can optionally use a password to protect the externally shared password. To do it, enter the password on the external sharing configuration screen of the password:

Entering an password into the external sharing configuration screen

Here's how you see the "External Sharing" tab with a password:

External sharing tab with a password

So now, when opening the URL, the viewer will have to enter the configured password to see the external view:

Enter password to open externally shared view

Note that the externally shared URL doesn't change when a password is set. It's always the same URL, with or without password.

How to stop sharing a password externally

To stop sharing a password externally you simply uncheck the "Share externally" checkbox of the external sharing configuration screen. When you do this the URL will no longer be valid and if it's used it will return a 404 (not found) error. Note that the same happens if an externally shared password is expired.

To stop externally sharing ALL OF THE PASSWORDS you need to disable external sharing. When you do this, none of the passwords is externally shared and all of the URLs return the 404 (not found) error, but their external sharing configuration remains. So, if you re-enable external sharing again, the passwords that were configured to be externally shared will be externally shared again.

Features of externally shared passwords

  • Externally shared passwords cannot be locked. Consequently, locked passwords cannot be externally shared.
  • Externally shared passwords have this icon in their screens and in lists: External sharing icon
  • Externally shared passwords that have expired have this icon in their screens and in lists: External sharing expired icon
  • The following data are shown when accessing a password externally: password name, project name, access, username, e-mail, password, expiry date, custom fields, notes and files.
  • Password that are externally shared can be found using the has:external or has:external_sharing advanced search operators.
  • All the external URLs of externally shared passwords begin with pwde, for example: https://tpm.mycompany.com/index.php/pwde/view/4de8a8e86a143fe5bd8a4e75edf08d98e237ecb233. After pwde anything else can change. You can use this information if you need to allow these URLs to get through your firewall in case your Team Password Manager installation is protected from the outside.

API

Since API v4, API requests return the following data of externally shared passwords:

  • In lists (GET /passwords.json): "external_sharing": true if the password is externally shared or "external_sharing": false otherwise.
  • When showing a password (GET /passwords/ID.json): the following fields are returned:
    • external_sharing: with values true or false.
    • external_url: with the external URL if the password is externally shared or null otherwise.

Document changelog

Dec 20, 2021: Document created
Questions or Problems? Please contact our support department