The Passwords app, installed by the Password manager module, allows you to manage (add, import, change, delete) passwords centrally in the administration of Magnolia. By default the app is provisioned to the
superuser role only.
The configuration of the app is stored in the YAML definition file
The password browser
In the browser subapp, create/delete and use folders to organize the passwords:
When creating a folder name, all spaces in the name of the folder will be replaced with a dash (-) character when saving the folder.
For the passwords to be accessible also on the public instance, you have to publish the given password node(s).
The password edit dialog
Use the dialog to change the name and/or the value of the password. When typing the characters in the password value fields, the value is always disclosed by asterisks:
Password ID field shows the password's JCR UUID, which can be used to reference the password in the registry.
If you duplicate an existing password using the Duplicate password action in the Action bar of the app, the duplicated (new) password's value remains the same as the original but it is assigned a new UUID number.
A use case: Mail app
Let's suppose you want to use a password stored in the Passwords app in the configuration of how Magnolia sends emails, i.e. in the configuration dialog of the Mail app. Go to the Mail app and depending on whether you want to use
Authentication with username and password, or
Authentication with OAuth 2.0
fill in the fields for the
Refresh Token and then at the
Password field or the
Client Secret field, respectively, click the SELECT ANOTHER button. A dialog will open allowing you to choose a password from the passwords stored using the Passwords app:
In this way you can reuse one and the same password in more apps and remember fewer passwords.
Do not use module and relative path to reference a password in the registry. There are several drawbacks to this method. Rather, use the password's JCR UUID.