Page tree

Magnolia 5.7 reached extended end of life on May 31, 2022. Support for this branch is limited, see End-of-life policy. Please note that to cover the extra maintenance effort, this EEoL period is a paid extension in the life of the branch. Customers who opt for the extended maintenance will need a new license key to run future versions of Magnolia 5.7. If you have any questions or to subscribe to the extended maintenance, please get in touch with your local contact at Magnolia.

The Passwords app, installed by the Password manager module, allows you to manage (add, import, change, delete) passwords centrally in the administration of Magnolia. By default the app is provisioned to the superuser role only. 

Configuration

The configuration of the app is stored in the YAML definition file /password-manager/apps/password-manager.yaml .

The password browser

In the browser subapp, create/delete and use folders to organize the passwords:

When creating a folder name, all spaces in the name of the folder will be replaced with a dash (-) character when saving the folder.

For the passwords to be accessible also on the public instance, you have to publish the given password node(s).

The password edit dialog

Use the dialog to change the name and/or the value of the password. When typing the characters in the password value fields, the value is always disclosed by asterisks: 

The Password ID field shows the password's JCR UUID, which can be used to reference the password in the registry.

If you duplicate an existing password using the Duplicate password action in the Action bar of the app, the duplicated (new) password's value remains the same as the original but it is assigned a new UUID number.

A use case: Mail app

Let's suppose you want to use a password stored in the Passwords app in the configuration of how Magnolia sends emails, i.e. in the configuration dialog of the Mail app. Go to the Mail app and depending on whether you want to use

  • Authentication with username and password, or 
  • Authentication with OAuth 2.0

fill in the fields for the Username, Client ID, Refresh Token and then at the Password field or the Client Secret field, respectively, click the SELECT ANOTHER button. A dialog will open allowing you to choose a password from the passwords stored using the Passwords app:

In this way you can reuse one and the same password in more apps and remember fewer passwords.

Referencing passwords

Do not use module and relative path to reference a password in the registry. There are several drawbacks to this method. Rather, use the password's JCR UUID.