Filling passwords in Authentik SSO login forms not working as it should.

[ttk]

I have a setup where i am securing some applications with an Authentik SSO server. It does not work very well with Enpass. This is my problem: 

1. I open the URL to the application. It is forwarded to the SSO login form. The form has the callback URL to the application as HTTP GET parameters in the address bar, e.g. "https://authentik.simonszu.de/if/flow/default-authentication-flow/?next=%2Fapplication%2Fo%2Fauthorize%2F%3Fclient_id%3DSCEmh1dhqxFlmPM30asa7dPqxs3dMBskX87Kx8DE%26redirect_uri%3Dhttps%3A%2F%2Fcomics.simonszu.de%2Foutpost.goauthentik.io%2Fcallback%3FX-authentik-auth-callback%3Dtrue%26response_type%3Dcode%26scope%3Demail%2Bprofile%2Bak_proxy%2Bopenid%26state%3D1qTRKfZVO07F-Hh7I44_8vaurt9GzaNTETUy1igmH08"

2. I select the Authentik Login item in Enpass via the Chrome extension. The item has "https://authentik.simonszu.de" as the saved URL, since that is the most common denominator between all SSO-secured applications as well as the admin interface of the SSO server. 

3. As a result, the Enpass extension causes Chrome to open a new tab, with the address bar containing only "https://authentik.simonszu.de/if/flow/default-authentication-flow/?next=%2F", so, no reference to the callback URL to the actual application any more. 

4. If i try to do step 2 again in the new tab, Enpass does not fill the credentials, but rather opens a third tab, containing the same address in the address bar as in step 3. 

5. I can repeat step 3 and for for infinite time, causing Enpass and Chrome to open more and more tabs, and not logging in properly. 

Is there a flag where i can tell Enpass to simply fill in the credentials, and not trying to open the URL it has defined in the login item in a new tab? That would be nice. 

[Abhishek Dewan]

Hi @ttk

Kindly share the version of the Enpass app, OS, Enpass Extension and Chrome browser you are using and I'll have this checked for you.

[ttk]

Sure. 

It is on Windows 10 Pro, Patchlevel 19044.2486. However, i think this also happens on a Mac with OS X Ventura. Does not happen on iOS. 

Enpass is version 6.8.4. 

Chrome is version 109.0.5414.120 - but this issue occurs on Firefox as well. 

Enpass Extension is 6.8.0. 

 

[Abhishek Dewan]

Hi @ttk

Thank you for sharing the requested details.

I'm discussing this case with my dedicated team and will get back to you soon with an update. Your patience in the interim is appreciated.

#SI-3263

[Abhishek Dewan]

Hi @ttk

We were able to reproduce the bug on our end, due to which this issue is occurring. Our development team is working on a fix which will be available for future Enpass versions. We appreciate your cooperation and support in the interim.

[ttk]

Hi, that are good news. I will have an eye on new enpass versions and try it out subsequentially. 

[ttk]

@Abhishek Dewan Do you already have some updates? This issue is quite annoying and keeps me from fully rolling out Authentik in my environment. Should i keep an eye on Enpass releases or on Extension releases? 

[Abhishek Dewan]

Hi @ttk

Our development team is already aware of this concern and are working on a fix. I will be unable to share any ETA right now but I will be sure to update this forum once this issue is fixed. Your kind understanding in this matter is appreciated and any inconvenience caused is deeply regretted.