adding the account alias / ID of the AWS signin page would allow KeePassXC Auto-type to pick the correct AWS credentials automatically
Closed this issue · 6 comments
Background
I would like to configure a KeePassXC entry auto-type to look for a window title that includes the Account Alias / ID to which the user is trying to sign-in. This account Alias / ID is present when you go to, for example https://myaccountalias.signin.aws.amazon.com/console
Proposed Solution
Add the Account Alias field value to the title (or make the title include a configurable set of page elements)
Enabling this would allow me to auto-type for the correct account alias without having to scan the list of ALL auto-type enabled AWS entries. This can save a lot of time if I have many distinct AWS credentials, across many AWS accounts.
Problem
I don't know how to add a specific element of the page in the title, and this is not configurable.
Switching between AWS accounts is a common enough use case that I think it would make both this extension, and KeePassXC, more useful to more people.
LastPass has no solution for this. My move away from it was rather seamless thanks to this extension, except for the AWS signin page use case.
Hello,
I do not use AWS console, so I cannot test this, but here is my first question: Does the account alias or some unique ID show up in the full URL? In the screenshot above it looks like you are only showing the hostname. If the alias is in the full URL and you show the full URL then you could create a regex to recognize this.
The plugin does not have the type of feature you are requesting. It will add the active field attributes to the URL, but not an arbitrary field. It also does not add the contents of the field, since this would usually be blank or could be a password field.
It is technically possible to create an extension that can put the value of arbitrary fields in the URL; however, this would not have a lot of general use cases and I do not plan to implement this in the main branch.
This is a pity because I think it could be useful. @erichgoldman can you explain a bit more how to workaround this with the regex?
It does. You get given a url with your login. You get this login when you download you generated credentials:
Thar redirects to something like
You can take the last one, unique to you, and use that as your url. It will be valid for url matching, and also as a url to login from.
You may also add or remove a region from it e.g.
Note that these urls will give a bad url error unless they contain valud account_ids and client_ids
It does. You get given a url with your login. You get this login when you download you generated credentials:
* https://000000000000.signin.aws.amazon.com/consoleThar redirects to something like
* https://signin.aws.amazon.com/oauth?redirect_uri=https://console.aws.amazon.com&client_id=arn:aws:iam::0????????????:user/homepage&response_type=code&iam_user=true&account=00000000000You can take the last one, unique to you, and use that as your url. It will be valid for url matching, and also as a url to login from.
You may also add or remove a region from it e.g.
* https://us-southwest-2.signin.aws.amazon.com/oauth?redirect_uri=https://console.aws.amazon.com&client_id=arn:aws:iam::0000000000000:user/homepage&response_type=code&iam_user=true&account=00000000000Note that these urls will give a bad url error unless they contain valud account_ids and client_ids
I see but this is quite inflexible because I need to have all different URLs for different accounts. Supporting the additional field would solve this more elegantly IMHO
Totally agree, not trying to close this feature request, just sharing a work around.
Repo Maintenance The additional discussion provided an alternative without forking and making a custom version. Because this would be a very specific change, this was marked wontfix; therefore, I am closing this issue.